drill-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF GitHub Bot (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (DRILL-5634) Add Crypto and Hash Functions
Date Thu, 13 Jul 2017 11:41:01 GMT

    [ https://issues.apache.org/jira/browse/DRILL-5634?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16085577#comment-16085577
] 

ASF GitHub Bot commented on DRILL-5634:
---------------------------------------

Github user arina-ielchiieva commented on a diff in the pull request:

    https://github.com/apache/drill/pull/865#discussion_r127193243
  
    --- Diff: exec/java-exec/src/main/java/org/apache/drill/exec/expr/fn/impl/CryptoFunctions.java
---
    @@ -0,0 +1,389 @@
    +/*
    + * Licensed to the Apache Software Foundation (ASF) under one or more
    + * contributor license agreements.  See the NOTICE file distributed with
    + * this work for additional information regarding copyright ownership.
    + * The ASF licenses this file to you under the Apache License, Version 2.0
    + * (the "License"); you may not use this file except in compliance with
    + * the License.  You may obtain a copy of the License at
    + *
    + * http://www.apache.org/licenses/LICENSE-2.0
    + *
    + * Unless required by applicable law or agreed to in writing, software
    + * distributed under the License is distributed on an "AS IS" BASIS,
    + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    + * See the License for the specific language governing permissions and
    + * limitations under the License.
    + */
    +
    +package org.apache.drill.exec.expr.fn.impl;
    +
    +import io.netty.buffer.DrillBuf;
    +import org.apache.drill.exec.expr.DrillSimpleFunc;
    +import org.apache.drill.exec.expr.annotations.FunctionTemplate;
    +import org.apache.drill.exec.expr.annotations.Output;
    +import org.apache.drill.exec.expr.annotations.Param;
    +import org.apache.drill.exec.expr.annotations.Workspace;
    +import org.apache.drill.exec.expr.holders.VarCharHolder;
    +
    +import javax.crypto.Cipher;
    +import javax.crypto.spec.SecretKeySpec;
    +import javax.inject.Inject;
    +
    +public class CryptoFunctions {
    +  static final org.slf4j.Logger logger = org.slf4j.LoggerFactory.getLogger(CryptoFunctions.class);
    +
    +  private CryptoFunctions() {
    +  }
    +
    +  /**
    +   * This class returns the md2 digest of a given input string.
    +   *  Usage is SELECT md2( <input string> ) FROM ...
    +   */
    +
    +  @FunctionTemplate(name = "md2", scope = FunctionTemplate.FunctionScope.SIMPLE, nulls
= FunctionTemplate.NullHandling.NULL_IF_NULL)
    +  public static class MD2Function implements DrillSimpleFunc {
    +
    +    @Param
    +    VarCharHolder rawInput;
    +
    +    @Output
    +    VarCharHolder out;
    +
    +    @Inject
    +    DrillBuf buffer;
    +
    +    @Override
    +    public void setup() {
    +    }
    +
    +    @Override
    +    public void eval() {
    +
    +      String input = org.apache.drill.exec.expr.fn.impl.StringFunctionHelpers.toStringFromUTF8(rawInput.start,
rawInput.end, rawInput.buffer);
    +      String outputString = org.apache.commons.codec.digest.DigestUtils.md2Hex(input).toLowerCase();
    +
    +      out.buffer = buffer;
    +      out.start = 0;
    +      out.end = outputString.getBytes().length;
    +      buffer.setBytes(0, outputString.getBytes());
    +    }
    +
    +  }
    +
    +  /**
    +   * This function returns the MD5 digest of a given input string.
    +   *  Usage is shown below:
    +   *  select md5( 'testing' ) from (VALUES(1));
    +   */
    +
    +  @FunctionTemplate(name = "md5", scope = FunctionTemplate.FunctionScope.SIMPLE, nulls
= FunctionTemplate.NullHandling.NULL_IF_NULL)
    +  public static class MD5Function implements DrillSimpleFunc {
    +
    +    @Param
    +    VarCharHolder rawInput;
    +
    +    @Output
    +    VarCharHolder out;
    +
    +    @Inject
    +    DrillBuf buffer;
    +
    +    @Override
    +    public void setup() {
    +    }
    +
    +    @Override
    +    public void eval() {
    +
    +      String input = org.apache.drill.exec.expr.fn.impl.StringFunctionHelpers.toStringFromUTF8(rawInput.start,
rawInput.end, rawInput.buffer);
    +      String outputString = org.apache.commons.codec.digest.DigestUtils.md5Hex(input).toLowerCase();
    +
    +      out.buffer = buffer;
    +      out.start = 0;
    +      out.end = outputString.getBytes().length;
    +      buffer.setBytes(0, outputString.getBytes());
    +    }
    +
    +  }
    +
    +  /**
    +   * sha(<text>) / sha1(<text>): Calculates an SHA-1 160-bit checksum for
the string, as described in RFC 3174 (Secure Hash Algorithm).
    +   * (https://en.wikipedia.org/wiki/SHA-1) The value is returned as a string of 40 hexadecimal
digits, or NULL if the argument was NULL.
    +   * Note that sha() and sha1() are aliases for the same function.
    +   *
    +   * > select sha1( 'testing' ) from (VALUES(1));
    +   */
    +
    +  @FunctionTemplate(names = {"sha", "sha1"}, scope = FunctionTemplate.FunctionScope.SIMPLE,
nulls = FunctionTemplate.NullHandling.NULL_IF_NULL)
    +  public static class SHA1Function implements DrillSimpleFunc {
    +
    +    @Param
    +    VarCharHolder rawInput;
    +
    +    @Output
    +    VarCharHolder out;
    +
    +    @Inject
    +    DrillBuf buffer;
    +
    +    @Override
    +    public void setup() {
    +
    +    }
    +
    +    @Override
    +    public void eval() {
    +
    +      String input = org.apache.drill.exec.expr.fn.impl.StringFunctionHelpers.toStringFromUTF8(rawInput.start,
rawInput.end, rawInput.buffer);
    +
    +      String sha1 = org.apache.commons.codec.digest.DigestUtils.sha1Hex(input);
    +
    +      out.buffer = buffer;
    +      out.start = 0;
    +      out.end = sha1.getBytes().length;
    +      buffer.setBytes(0, sha1.getBytes());
    +    }
    +
    +  }
    +
    +  /**
    +   * sha2(<text>) / sha256(<text>): Calculates an SHA-2 256-bit checksum
for the string.  The value is returned as a string of hexadecimal digits,
    +   * or NULL if the argument was NULL. Note that sha2() and sha256() are aliases for
the same function.
    +   * > select sha2( 'testing' ) from (VALUES(1));
    +   */
    +
    +  @FunctionTemplate(names = {"sha256", "sha2"}, scope = FunctionTemplate.FunctionScope.SIMPLE,
nulls = FunctionTemplate.NullHandling.NULL_IF_NULL)
    +  public static class SHA256Function implements DrillSimpleFunc {
    +
    +    @Param
    +    VarCharHolder rawInput;
    +
    +    @Output
    +    VarCharHolder out;
    +
    +    @Inject
    +    DrillBuf buffer;
    +
    +
    +    @Override
    +    public void setup() {
    +
    +    }
    +
    +    @Override
    +    public void eval() {
    +
    +      String input = org.apache.drill.exec.expr.fn.impl.StringFunctionHelpers.toStringFromUTF8(rawInput.start,
rawInput.end, rawInput.buffer);
    +
    +      String sha2 = org.apache.commons.codec.digest.DigestUtils.sha256Hex(input);
    +
    +      out.buffer = buffer;
    +      out.start = 0;
    +      out.end = sha2.getBytes().length;
    +      buffer.setBytes(0, sha2.getBytes());
    +    }
    +
    +  }
    +
    +  /**
    +   * This function returns the SHA384 digest of a given input string.
    +   *  Usage is shown below:
    +   *  select sha384( 'testing' ) from (VALUES(1));
    +   */
    +
    +  @FunctionTemplate(name = "sha384", scope = FunctionTemplate.FunctionScope.SIMPLE, nulls
= FunctionTemplate.NullHandling.NULL_IF_NULL)
    +  public static class SHA384Function implements DrillSimpleFunc {
    +
    +    @Param
    +    VarCharHolder rawInput;
    +
    +    @Output
    +    VarCharHolder out;
    +
    +    @Inject
    +    DrillBuf buffer;
    +
    +    @Override
    +    public void setup() {
    +
    +    }
    +
    +    @Override
    +    public void eval() {
    +
    +      String input = org.apache.drill.exec.expr.fn.impl.StringFunctionHelpers.toStringFromUTF8(rawInput.start,
rawInput.end, rawInput.buffer);
    +
    +      String sha384 = org.apache.commons.codec.digest.DigestUtils.sha384Hex(input);
    +
    +      out.buffer = buffer;
    +      out.start = 0;
    +      out.end = sha384.getBytes().length;
    +      buffer.setBytes(0, sha384.getBytes());
    +    }
    +
    +  }
    +
    +  /**
    +   * This function returns the SHA512 digest of a given input string.
    +   *  Usage is shown below:
    +   *  select sha512( 'testing' ) from (VALUES(1));
    +   */
    +
    +
    +  @FunctionTemplate(name = "sha512", scope = FunctionTemplate.FunctionScope.SIMPLE, nulls
= FunctionTemplate.NullHandling.NULL_IF_NULL)
    +  public static class SHA512Function implements DrillSimpleFunc {
    +
    +    @Param
    +    VarCharHolder rawInput;
    +
    +    @Output
    +    VarCharHolder out;
    +
    +    @Inject
    +    DrillBuf buffer;
    +
    +    @Override
    +    public void setup() {
    +
    +    }
    +
    +    @Override
    +    public void eval() {
    +
    +      String input = org.apache.drill.exec.expr.fn.impl.StringFunctionHelpers.toStringFromUTF8(rawInput.start,
rawInput.end, rawInput.buffer);
    +
    +      String sha512 = org.apache.commons.codec.digest.DigestUtils.sha512Hex(input);
    +
    +      out.buffer = buffer;
    +      out.start = 0;
    +      out.end = sha512.getBytes().length;
    +      buffer.setBytes(0, sha512.getBytes());
    +    }
    +
    +  }
    +
    +  /**
    +   * aes_encrypt()/ aes_decrypt(): implement encryption and decryption of data using
the official AES (Advanced Encryption Standard) algorithm,
    +   * previously known as “Rijndael.” AES_ENCRYPT() encrypts the string str using
the key string key_str and returns a
    +   * binary string containing the encrypted output.
    +   * Usage:  SELECT aes_encrypt( 'encrypted_text', 'my_secret_key' ) AS aes FROM (VALUES(1));
    +   */
    +
    +
    +  @FunctionTemplate(name = "aes_encrypt", scope = FunctionTemplate.FunctionScope.SIMPLE,
nulls = FunctionTemplate.NullHandling.NULL_IF_NULL)
    +  public static class AESEncryptFunction implements DrillSimpleFunc {
    +
    +    @Param
    +    VarCharHolder rawInput;
    +
    +    @Param
    +    VarCharHolder rawKey;
    +
    +    @Output
    +    VarCharHolder out;
    +
    +    @Inject
    +    DrillBuf buffer;
    +
    +    @Workspace
    +    Cipher cipher;
    +
    +    @Override
    +    public void setup() {
    +      String key = org.apache.drill.exec.expr.fn.impl.StringFunctionHelpers.toStringFromUTF8(rawKey.start,
rawKey.end, rawKey.buffer);
    +      java.security.MessageDigest sha = null;
    +      try {
    +        byte[] keyByteArray = key.getBytes("UTF-8");
    +        sha = java.security.MessageDigest.getInstance("SHA-1");
    +        keyByteArray = sha.digest(keyByteArray);
    +        keyByteArray = java.util.Arrays.copyOf(keyByteArray, 16);
    +        SecretKeySpec secretKey = new SecretKeySpec(keyByteArray, "AES");
    +
    +        cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
    +        cipher.init(Cipher.ENCRYPT_MODE, secretKey);
    +      } catch (Exception e) {
    +        logger.debug(e.getMessage());
    +      }
    +    }
    +
    +    @Override
    +    public void eval() {
    +
    +      String input = org.apache.drill.exec.expr.fn.impl.StringFunctionHelpers.toStringFromUTF8(rawInput.start,
rawInput.end, rawInput.buffer);
    +      String encryptedText = "";
    +      try {
    +        encryptedText = javax.xml.bind.DatatypeConverter.printBase64Binary(cipher.doFinal(input.getBytes("UTF-8")));
    +      } catch (Exception e) {
    +        logger.debug(e.getMessage());
    +      }
    +
    +      out.buffer = buffer;
    +      out.start = 0;
    +      out.end = encryptedText.getBytes().length;
    +      buffer.setBytes(0, encryptedText.getBytes());
    +    }
    +
    +  }
    +
    +  /**
    +   *  AES_DECRYPT() decrypts the encrypted string crypt_str using the key string key_str
and returns the original cleartext string.
    +   *  If either function argument is NULL, the function returns NULL.
    +   *  Usage:  SELECT aes_decrypt( <encrypted_text>, <key> ) FROM ...
    +   */
    +
    +  @FunctionTemplate(name = "aes_decrypt", scope = FunctionTemplate.FunctionScope.SIMPLE,
nulls = FunctionTemplate.NullHandling.NULL_IF_NULL)
    +  public static class AESDecryptFunction implements DrillSimpleFunc {
    +
    +    @Param
    +    VarCharHolder rawInput;
    +
    +    @Param
    +    VarCharHolder rawKey;
    +
    +    @Output
    +    VarCharHolder out;
    +
    +    @Inject
    +    DrillBuf buffer;
    +
    +    @Workspace
    +    Cipher cipher;
    +
    +    @Override
    +    public void setup() {
    +      String key = org.apache.drill.exec.expr.fn.impl.StringFunctionHelpers.toStringFromUTF8(rawKey.start,
rawKey.end, rawKey.buffer);
    +      java.security.MessageDigest sha = null;
    +      try {
    +        byte[] keyByteArray = key.getBytes("UTF-8");
    +        sha = java.security.MessageDigest.getInstance("SHA-1");
    +        keyByteArray = sha.digest(keyByteArray);
    +        keyByteArray = java.util.Arrays.copyOf(keyByteArray, 16);
    +        SecretKeySpec secretKey = new SecretKeySpec(keyByteArray, "AES");
    +
    +        cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
    +        cipher.init(Cipher.DECRYPT_MODE, secretKey);
    +      } catch (Exception e) {
    +        logger.debug(e.getMessage());
    --- End diff --
    
    Replace with comment explaining why we don't care about the exception.


> Add Crypto and Hash Functions
> -----------------------------
>
>                 Key: DRILL-5634
>                 URL: https://issues.apache.org/jira/browse/DRILL-5634
>             Project: Apache Drill
>          Issue Type: New Feature
>          Components: Functions - Drill
>    Affects Versions: 1.10.0
>            Reporter: Charles Givre
>              Labels: doc-impacting
>             Fix For: 1.11.0
>
>
> This library contains a collection of cryptography-related functions for Apache Drill.
It generally mirrors the crypto functions in MySQL.  The package includes:
> * **`aes_encrypt()`/ `aes_decrypt()`**: implement encryption and decryption of data using
the official AES (Advanced Encryption Standard) algorithm, previously known as “Rijndael.”
>  `AES_ENCRYPT()` encrypts the string `str` using the key string `key_str` and returns
a binary string containing the encrypted output. `AES_DECRYPT()` decrypts the encrypted string
`crypt_str` using the key string `key_str` and returns the original cleartext string. If either
function argument is NULL, the function returns NULL.
> ```sql
> > SELECT aes_encrypt( 'encrypted_text', 'my_secret_key' ) AS aes FROM (VALUES(1));
> +---------------------------+
> |            aes            |
> +---------------------------+
> | JkcBUNAn8ByKWCcVmNrKMA==  |
> +---------------------------+
>  > SELECT aes_encrypt( 'encrypted_text', 'my_secret_key' ) AS encrypted,
>  aes_decrypt(aes_encrypt( 'encrypted_text', 'my_secret_key' ),'my_secret_key') AS decrypted

>  FROM (VALUES(1));
> +---------------------------+-----------------+
> |         encrypted         |    decrypted    |
> +---------------------------+-----------------+
> | JkcBUNAn8ByKWCcVmNrKMA==  | encrypted_text  |
> +---------------------------+-----------------+
> ```
> * **`md5(<text>)`**:  Returns the md5 hash of the text. (https://en.wikipedia.org/wiki/MD5)
> Usage:
> ```sql
> > select md5( 'testing' ) from (VALUES(1));
> +-----------------------------------+
> |              EXPR$0               |
> +-----------------------------------+
> | ae2b1fca515949e5d54fb22b8ed95575  |
> +-----------------------------------+
> ```
> * **`sha(<text>`) / `sha1(<text>)`**: Calculates an SHA-1 160-bit checksum
for the string, as described in RFC 3174 (Secure Hash Algorithm). (https://en.wikipedia.org/wiki/SHA-1)
 The value is returned as a string of 40 hexadecimal digits, or NULL if the argument was NULL.
Note that `sha()` and `sha1()` are aliases for the same function. 
> ```sql
> > select sha1( 'testing' ) from (VALUES(1));
> +-------------------------------------------+
> |                  EXPR$0                   |
> +-------------------------------------------+
> | dc724af18fbdd4e59189f5fe768a5f8311527050  |
> +-------------------------------------------+
> ```
> * **`sha2(<text>`) / `sha256(<text>)`**: Calculates an SHA-2 256-bit checksum
for the string. (https://en.wikipedia.org/wiki/SHA-2)  The value is returned as a string of
hexadecimal digits, or NULL if the argument was NULL. Note that `sha2()` and `sha256()` are
aliases for the same function. 
> ```sql
> > select sha2( 'testing' ) from (VALUES(1));
> +-------------------------------------------------------------------+
> |                              EXPR$0                               |
> +-------------------------------------------------------------------+
> | cf80cd8aed482d5d1527d7dc72fceff84e6326592848447d2dc0b0e87dfc9a90  |
> +-------------------------------------------------------------------+
> ```
> Additionally, there are also `sha384(<text>)` and `sha512(<text>)` functions
which return SHA-2 hashes with 384 and 512 bit checksums.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Mime
View raw message