hive-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ser...@apache.org
Subject [03/11] hive git commit: HIVE-11593 Add aes_encrypt and aes_decrypt UDFs (Alexander Pivovarov, reviewed by Jason Dere)
Date Wed, 09 Sep 2015 02:18:07 GMT
HIVE-11593 Add aes_encrypt and aes_decrypt UDFs (Alexander Pivovarov, reviewed by Jason Dere)


Project: http://git-wip-us.apache.org/repos/asf/hive/repo
Commit: http://git-wip-us.apache.org/repos/asf/hive/commit/f4acb44f
Tree: http://git-wip-us.apache.org/repos/asf/hive/tree/f4acb44f
Diff: http://git-wip-us.apache.org/repos/asf/hive/diff/f4acb44f

Branch: refs/heads/llap
Commit: f4acb44f67b64e85f53de6d8503ef2ae6e0fa524
Parents: 8bed378
Author: Alexander Pivovarov <apivovarov@gmail.com>
Authored: Sun Aug 16 18:36:32 2015 -0700
Committer: Alexander Pivovarov <apivovarov@gmail.com>
Committed: Sat Sep 5 19:24:50 2015 -0700

----------------------------------------------------------------------
 .../hadoop/hive/ql/exec/FunctionRegistry.java   |   2 +
 .../hive/ql/udf/generic/GenericUDFAesBase.java  | 205 ++++++++++++++++
 .../ql/udf/generic/GenericUDFAesDecrypt.java    |  50 ++++
 .../ql/udf/generic/GenericUDFAesEncrypt.java    |  50 ++++
 .../ql/udf/generic/GenericUDFParamUtils.java    |   8 +-
 .../udf/generic/TestGenericUDFAesDecrypt.java   | 233 +++++++++++++++++++
 .../udf/generic/TestGenericUDFAesEncrypt.java   | 228 ++++++++++++++++++
 .../queries/clientpositive/udf_aes_decrypt.q    |  21 ++
 .../queries/clientpositive/udf_aes_encrypt.q    |  21 ++
 .../results/clientpositive/show_functions.q.out |   2 +
 .../clientpositive/udf_aes_decrypt.q.out        |  79 +++++++
 .../clientpositive/udf_aes_encrypt.q.out        |  79 +++++++
 12 files changed, 977 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/hive/blob/f4acb44f/ql/src/java/org/apache/hadoop/hive/ql/exec/FunctionRegistry.java
----------------------------------------------------------------------
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/exec/FunctionRegistry.java b/ql/src/java/org/apache/hadoop/hive/ql/exec/FunctionRegistry.java
index 4c1c53e..f1fe30d 100644
--- a/ql/src/java/org/apache/hadoop/hive/ql/exec/FunctionRegistry.java
+++ b/ql/src/java/org/apache/hadoop/hive/ql/exec/FunctionRegistry.java
@@ -234,6 +234,8 @@ public final class FunctionRegistry {
     system.registerUDF("md5", UDFMd5.class, false);
     system.registerUDF("sha1", UDFSha1.class, false);
     system.registerUDF("sha", UDFSha1.class, false);
+    system.registerGenericUDF("aes_encrypt", GenericUDFAesEncrypt.class);
+    system.registerGenericUDF("aes_decrypt", GenericUDFAesDecrypt.class);
 
     system.registerGenericUDF("encode", GenericUDFEncode.class);
     system.registerGenericUDF("decode", GenericUDFDecode.class);

http://git-wip-us.apache.org/repos/asf/hive/blob/f4acb44f/ql/src/java/org/apache/hadoop/hive/ql/udf/generic/GenericUDFAesBase.java
----------------------------------------------------------------------
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/udf/generic/GenericUDFAesBase.java b/ql/src/java/org/apache/hadoop/hive/ql/udf/generic/GenericUDFAesBase.java
new file mode 100644
index 0000000..66a4457
--- /dev/null
+++ b/ql/src/java/org/apache/hadoop/hive/ql/udf/generic/GenericUDFAesBase.java
@@ -0,0 +1,205 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.hadoop.hive.ql.udf.generic;
+
+import static org.apache.hadoop.hive.serde2.objectinspector.primitive.PrimitiveObjectInspectorUtils.PrimitiveGrouping.BINARY_GROUP;
+import static org.apache.hadoop.hive.serde2.objectinspector.primitive.PrimitiveObjectInspectorUtils.PrimitiveGrouping.STRING_GROUP;
+
+import java.security.GeneralSecurityException;
+import java.security.NoSuchAlgorithmException;
+
+import javax.crypto.Cipher;
+import javax.crypto.NoSuchPaddingException;
+import javax.crypto.SecretKey;
+import javax.crypto.spec.SecretKeySpec;
+
+import org.apache.hadoop.hive.ql.exec.UDFArgumentException;
+import org.apache.hadoop.hive.ql.metadata.HiveException;
+import org.apache.hadoop.hive.serde2.objectinspector.ConstantObjectInspector;
+import org.apache.hadoop.hive.serde2.objectinspector.ObjectInspector;
+import org.apache.hadoop.hive.serde2.objectinspector.ObjectInspectorConverters.Converter;
+import org.apache.hadoop.hive.serde2.objectinspector.PrimitiveObjectInspector.PrimitiveCategory;
+import org.apache.hadoop.hive.serde2.objectinspector.primitive.PrimitiveObjectInspectorFactory;
+import org.apache.hadoop.hive.serde2.objectinspector.primitive.PrimitiveObjectInspectorUtils;
+import org.apache.hadoop.io.BytesWritable;
+import org.apache.hadoop.io.Text;
+
+/**
+ * GenericUDFAesBase.
+ *
+ */
+public abstract class GenericUDFAesBase extends GenericUDF {
+  protected transient Converter[] converters = new Converter[2];
+  protected transient PrimitiveCategory[] inputTypes = new PrimitiveCategory[2];
+  protected final BytesWritable output = new BytesWritable();
+  protected transient boolean isStr0;
+  protected transient boolean isStr1;
+  protected transient boolean isKeyConstant;
+  protected transient Cipher cipher;
+  protected transient SecretKey secretKey;
+
+  @Override
+  public ObjectInspector initialize(ObjectInspector[] arguments) throws UDFArgumentException {
+    checkArgsSize(arguments, 2, 2);
+
+    checkArgPrimitive(arguments, 0);
+    checkArgPrimitive(arguments, 1);
+
+    // the function should support both string and binary input types
+    if (canParam0BeStr()) {
+      checkArgGroups(arguments, 0, inputTypes, STRING_GROUP, BINARY_GROUP);
+    } else {
+      checkArgGroups(arguments, 0, inputTypes, BINARY_GROUP);
+    }
+    checkArgGroups(arguments, 1, inputTypes, STRING_GROUP, BINARY_GROUP);
+
+    if (isStr0 = PrimitiveObjectInspectorUtils.getPrimitiveGrouping(inputTypes[0]) == STRING_GROUP) {
+      obtainStringConverter(arguments, 0, inputTypes, converters);
+    } else {
+      GenericUDFParamUtils.obtainBinaryConverter(arguments, 0, inputTypes, converters);
+    }
+
+    isKeyConstant = arguments[1] instanceof ConstantObjectInspector;
+    byte[] key = null;
+    int keyLength = 0;
+
+    if (isStr1 = PrimitiveObjectInspectorUtils.getPrimitiveGrouping(inputTypes[1]) == STRING_GROUP) {
+      if (isKeyConstant) {
+        String keyStr = getConstantStringValue(arguments, 1);
+        if (keyStr != null) {
+          key = keyStr.getBytes();
+          keyLength = key.length;
+        }
+      } else {
+        obtainStringConverter(arguments, 1, inputTypes, converters);
+      }
+    } else {
+      if (isKeyConstant) {
+        BytesWritable keyWr = GenericUDFParamUtils.getConstantBytesValue(arguments, 1);
+        if (keyWr != null) {
+          key = keyWr.getBytes();
+          keyLength = keyWr.getLength();
+        }
+      } else {
+        GenericUDFParamUtils.obtainBinaryConverter(arguments, 1, inputTypes, converters);
+      }
+    }
+
+    if (key != null) {
+      secretKey = getSecretKey(key, keyLength);
+    }
+
+    try {
+      cipher = Cipher.getInstance("AES");
+    } catch (NoSuchPaddingException | NoSuchAlgorithmException e) {
+      throw new RuntimeException(e);
+    }
+
+    ObjectInspector outputOI = PrimitiveObjectInspectorFactory.writableBinaryObjectInspector;
+    return outputOI;
+  }
+
+  @Override
+  public Object evaluate(DeferredObject[] arguments) throws HiveException {
+    byte[] input;
+    int inputLength;
+
+    if (isStr0) {
+      Text n = GenericUDFParamUtils.getTextValue(arguments, 0, converters);
+      if (n == null) {
+        return null;
+      }
+      input = n.getBytes();
+      inputLength = n.getLength();
+    } else {
+      BytesWritable bWr = GenericUDFParamUtils.getBinaryValue(arguments, 0, converters);
+      if (bWr == null) {
+        return null;
+      }
+      input = bWr.getBytes();
+      inputLength = bWr.getLength();
+    }
+
+    if (input == null) {
+      return null;
+    }
+
+    SecretKey secretKey;
+    if (isKeyConstant) {
+      secretKey = this.secretKey;
+    } else {
+      byte[] key;
+      int keyLength;
+      if (isStr1) {
+        Text n = GenericUDFParamUtils.getTextValue(arguments, 1, converters);
+        if (n == null) {
+          return null;
+        }
+        key = n.getBytes();
+        keyLength = n.getLength();
+      } else {
+        BytesWritable bWr = GenericUDFParamUtils.getBinaryValue(arguments, 1, converters);
+        if (bWr == null) {
+          return null;
+        }
+        key = bWr.getBytes();
+        keyLength = bWr.getLength();
+      }
+      secretKey = getSecretKey(key, keyLength);
+    }
+
+    if (secretKey == null) {
+      return null;
+    }
+
+    byte[] res = aesFunction(input, inputLength, secretKey);
+
+    if (res == null) {
+      return null;
+    }
+
+    output.set(res, 0, res.length);
+    return output;
+  }
+
+  protected SecretKey getSecretKey(byte[] key, int keyLength) {
+    if (keyLength == 16 || keyLength == 32 || keyLength == 24) {
+      return new SecretKeySpec(key, 0, keyLength, "AES");
+    }
+    return null;
+  }
+
+  protected byte[] aesFunction(byte[] input, int inputLength, SecretKey secretKey) {
+    try {
+      cipher.init(getCipherMode(), secretKey);
+      byte[] res = cipher.doFinal(input, 0, inputLength);
+      return res;
+    } catch (GeneralSecurityException e) {
+      return null;
+    }
+  }
+
+  abstract protected int getCipherMode();
+
+  abstract protected boolean canParam0BeStr();
+
+  @Override
+  public String getDisplayString(String[] children) {
+    return getStandardDisplayString(getFuncName(), children);
+  }
+}

http://git-wip-us.apache.org/repos/asf/hive/blob/f4acb44f/ql/src/java/org/apache/hadoop/hive/ql/udf/generic/GenericUDFAesDecrypt.java
----------------------------------------------------------------------
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/udf/generic/GenericUDFAesDecrypt.java b/ql/src/java/org/apache/hadoop/hive/ql/udf/generic/GenericUDFAesDecrypt.java
new file mode 100644
index 0000000..d83fd2d
--- /dev/null
+++ b/ql/src/java/org/apache/hadoop/hive/ql/udf/generic/GenericUDFAesDecrypt.java
@@ -0,0 +1,50 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.hadoop.hive.ql.udf.generic;
+
+import javax.crypto.Cipher;
+
+import org.apache.hadoop.hive.ql.exec.Description;
+
+/**
+ * GenericUDFAesDecrypt.
+ *
+ */
+@Description(name = "aes_decrypt", value = "_FUNC_(input binary, key string/binary) - Decrypt input using AES.",
+    extended = "AES (Advanced Encryption Standard) algorithm. "
+    + "Key lengths of 128, 192 or 256 bits can be used. 192 and 256 bits keys can be used if "
+    + "Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files are installed. "
+    + "If either argument is NULL or the key length is not one of the permitted values, the return value is NULL.\n"
+    + "Example: > SELECT _FUNC_(unbase64('y6Ss+zCYObpCbgfWfyNWTw=='), '1234567890123456');\n 'ABC'")
+public class GenericUDFAesDecrypt extends GenericUDFAesBase {
+
+  @Override
+  protected int getCipherMode() {
+    return Cipher.DECRYPT_MODE;
+  }
+
+  @Override
+  protected boolean canParam0BeStr() {
+    return false;
+  }
+
+  @Override
+  protected String getFuncName() {
+    return "aes_decrypt";
+  }
+}

http://git-wip-us.apache.org/repos/asf/hive/blob/f4acb44f/ql/src/java/org/apache/hadoop/hive/ql/udf/generic/GenericUDFAesEncrypt.java
----------------------------------------------------------------------
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/udf/generic/GenericUDFAesEncrypt.java b/ql/src/java/org/apache/hadoop/hive/ql/udf/generic/GenericUDFAesEncrypt.java
new file mode 100644
index 0000000..d916441
--- /dev/null
+++ b/ql/src/java/org/apache/hadoop/hive/ql/udf/generic/GenericUDFAesEncrypt.java
@@ -0,0 +1,50 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.hadoop.hive.ql.udf.generic;
+
+import javax.crypto.Cipher;
+
+import org.apache.hadoop.hive.ql.exec.Description;
+
+/**
+ * GenericUDFAesEncrypt.
+ *
+ */
+@Description(name = "aes_encrypt", value = "_FUNC_(input string/binary, key string/binary) - Encrypt input using AES.",
+    extended = "AES (Advanced Encryption Standard) algorithm. "
+    + "Key lengths of 128, 192 or 256 bits can be used. 192 and 256 bits keys can be used if "
+    + "Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files are installed. "
+    + "If either argument is NULL or the key length is not one of the permitted values, the return value is NULL.\n"
+    + "Example: > SELECT base64(_FUNC_('ABC', '1234567890123456'));\n 'y6Ss+zCYObpCbgfWfyNWTw=='")
+public class GenericUDFAesEncrypt extends GenericUDFAesBase {
+
+  @Override
+  protected int getCipherMode() {
+    return Cipher.ENCRYPT_MODE;
+  }
+
+  @Override
+  protected boolean canParam0BeStr() {
+    return true;
+  }
+
+  @Override
+  protected String getFuncName() {
+    return "aes_encrypt";
+  }
+}

http://git-wip-us.apache.org/repos/asf/hive/blob/f4acb44f/ql/src/java/org/apache/hadoop/hive/ql/udf/generic/GenericUDFParamUtils.java
----------------------------------------------------------------------
diff --git a/ql/src/java/org/apache/hadoop/hive/ql/udf/generic/GenericUDFParamUtils.java b/ql/src/java/org/apache/hadoop/hive/ql/udf/generic/GenericUDFParamUtils.java
index cdbc6ea..0e7eb8e 100644
--- a/ql/src/java/org/apache/hadoop/hive/ql/udf/generic/GenericUDFParamUtils.java
+++ b/ql/src/java/org/apache/hadoop/hive/ql/udf/generic/GenericUDFParamUtils.java
@@ -21,10 +21,11 @@ package org.apache.hadoop.hive.ql.udf.generic;
 import org.apache.hadoop.hive.ql.exec.UDFArgumentTypeException;
 import org.apache.hadoop.hive.ql.metadata.HiveException;
 import org.apache.hadoop.hive.ql.udf.generic.GenericUDF.DeferredObject;
+import org.apache.hadoop.hive.serde2.objectinspector.ConstantObjectInspector;
 import org.apache.hadoop.hive.serde2.objectinspector.ObjectInspector;
 import org.apache.hadoop.hive.serde2.objectinspector.ObjectInspectorConverters;
-import org.apache.hadoop.hive.serde2.objectinspector.PrimitiveObjectInspector;
 import org.apache.hadoop.hive.serde2.objectinspector.ObjectInspectorConverters.Converter;
+import org.apache.hadoop.hive.serde2.objectinspector.PrimitiveObjectInspector;
 import org.apache.hadoop.hive.serde2.objectinspector.PrimitiveObjectInspector.PrimitiveCategory;
 import org.apache.hadoop.hive.serde2.objectinspector.primitive.PrimitiveObjectInspectorFactory;
 import org.apache.hadoop.io.BytesWritable;
@@ -68,4 +69,9 @@ public class GenericUDFParamUtils {
     converters[i] = converter;
     inputTypes[i] = inputType;
   }
+
+  public static BytesWritable getConstantBytesValue(ObjectInspector[] arguments, int i) {
+    Object constValue = ((ConstantObjectInspector) arguments[i]).getWritableConstantValue();
+    return (BytesWritable) constValue;
+  }
 }

http://git-wip-us.apache.org/repos/asf/hive/blob/f4acb44f/ql/src/test/org/apache/hadoop/hive/ql/udf/generic/TestGenericUDFAesDecrypt.java
----------------------------------------------------------------------
diff --git a/ql/src/test/org/apache/hadoop/hive/ql/udf/generic/TestGenericUDFAesDecrypt.java b/ql/src/test/org/apache/hadoop/hive/ql/udf/generic/TestGenericUDFAesDecrypt.java
new file mode 100644
index 0000000..729f2fc
--- /dev/null
+++ b/ql/src/test/org/apache/hadoop/hive/ql/udf/generic/TestGenericUDFAesDecrypt.java
@@ -0,0 +1,233 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.hadoop.hive.ql.udf.generic;
+
+import static org.junit.Assert.assertEquals;
+
+import java.security.NoSuchAlgorithmException;
+
+import javax.crypto.Cipher;
+
+import org.apache.commons.codec.binary.Base64;
+import org.apache.commons.codec.binary.Hex;
+import org.apache.hadoop.hive.ql.metadata.HiveException;
+import org.apache.hadoop.hive.ql.udf.generic.GenericUDF.DeferredJavaObject;
+import org.apache.hadoop.hive.ql.udf.generic.GenericUDF.DeferredObject;
+import org.apache.hadoop.hive.serde2.objectinspector.ObjectInspector;
+import org.apache.hadoop.hive.serde2.objectinspector.primitive.PrimitiveObjectInspectorFactory;
+import org.apache.hadoop.hive.serde2.typeinfo.TypeInfoFactory;
+import org.apache.hadoop.io.BytesWritable;
+import org.apache.hadoop.io.Text;
+import org.junit.Test;
+
+public class TestGenericUDFAesDecrypt {
+
+  @Test
+  public void testAesDec128ConstStr() throws HiveException {
+    GenericUDFAesDecrypt udf = new GenericUDFAesDecrypt();
+    ObjectInspector valueOI0 = PrimitiveObjectInspectorFactory.writableBinaryObjectInspector;
+    Text keyWr = new Text("1234567890123456");
+    ObjectInspector valueOI1 = PrimitiveObjectInspectorFactory
+        .getPrimitiveWritableConstantObjectInspector(TypeInfoFactory.stringTypeInfo, keyWr);
+    ObjectInspector[] arguments = { valueOI0, valueOI1 };
+
+    udf.initialize(arguments);
+
+    runAndVerifyStr("y6Ss+zCYObpCbgfWfyNWTw==", keyWr, "ABC", udf);
+    runAndVerifyStr("BQGHoM3lqYcsurCRq3PlUw==", keyWr, "", udf);
+    // null
+    runAndVerifyStr(null, keyWr, null, udf);
+  }
+
+  @Test
+  public void testAesDec256ConstStr() throws HiveException, NoSuchAlgorithmException {
+    int maxKeyLen = Cipher.getMaxAllowedKeyLength("AES");
+    // skip the test if Java Cryptography Extension (JCE) Unlimited Strength
+    // Jurisdiction Policy Files not installed
+    if (maxKeyLen < 256) {
+      return;
+    }
+    GenericUDFAesDecrypt udf = new GenericUDFAesDecrypt();
+    ObjectInspector valueOI0 = PrimitiveObjectInspectorFactory.writableBinaryObjectInspector;
+    Text keyWr = new Text("1234567890123456" + "1234567890123456");
+    ObjectInspector valueOI1 = PrimitiveObjectInspectorFactory
+        .getPrimitiveWritableConstantObjectInspector(TypeInfoFactory.stringTypeInfo, keyWr);
+    ObjectInspector[] arguments = { valueOI0, valueOI1 };
+
+    udf.initialize(arguments);
+
+    runAndVerifyStr("nYfCuJeRd5eD60yXDw7WEA==", keyWr, "ABC", udf);
+    runAndVerifyStr("mVClVqZ6W4VF6b842FOgCA==", keyWr, "", udf);
+    // null
+    runAndVerifyStr(null, keyWr, null, udf);
+  }
+
+  @Test
+  public void testAesDec128Str() throws HiveException {
+    GenericUDFAesDecrypt udf = new GenericUDFAesDecrypt();
+    ObjectInspector valueOI0 = PrimitiveObjectInspectorFactory.writableBinaryObjectInspector;
+    ObjectInspector valueOI1 = PrimitiveObjectInspectorFactory.writableStringObjectInspector;
+    ObjectInspector[] arguments = { valueOI0, valueOI1 };
+
+    udf.initialize(arguments);
+
+    Text keyWr = new Text("1234567890123456");
+    runAndVerifyStr("y6Ss+zCYObpCbgfWfyNWTw==", keyWr, "ABC", udf);
+    runAndVerifyStr("BQGHoM3lqYcsurCRq3PlUw==", keyWr, "", udf);
+    // null
+    runAndVerifyStr(null, keyWr, null, udf);
+  }
+
+  @Test
+  public void testAesDec128ConstBin() throws HiveException {
+    GenericUDFAesDecrypt udf = new GenericUDFAesDecrypt();
+    ObjectInspector valueOI0 = PrimitiveObjectInspectorFactory.writableBinaryObjectInspector;
+    BytesWritable keyWr = new BytesWritable("1234567890123456".getBytes());
+    ObjectInspector valueOI1 = PrimitiveObjectInspectorFactory
+        .getPrimitiveWritableConstantObjectInspector(TypeInfoFactory.binaryTypeInfo, keyWr);
+    ObjectInspector[] arguments = { valueOI0, valueOI1 };
+
+    udf.initialize(arguments);
+
+    runAndVerifyBin("y6Ss+zCYObpCbgfWfyNWTw==", keyWr, "ABC", udf);
+    runAndVerifyBin("BQGHoM3lqYcsurCRq3PlUw==", keyWr, "", udf);
+    // null
+    runAndVerifyBin(null, keyWr, null, udf);
+  }
+
+  @Test
+  public void testAesDec128Bin() throws HiveException {
+    GenericUDFAesDecrypt udf = new GenericUDFAesDecrypt();
+    ObjectInspector valueOI0 = PrimitiveObjectInspectorFactory.writableBinaryObjectInspector;
+    ObjectInspector valueOI1 = PrimitiveObjectInspectorFactory.writableBinaryObjectInspector;
+    ObjectInspector[] arguments = { valueOI0, valueOI1 };
+
+    udf.initialize(arguments);
+
+    BytesWritable keyWr = new BytesWritable("1234567890123456".getBytes());
+    runAndVerifyBin("y6Ss+zCYObpCbgfWfyNWTw==", keyWr, "ABC", udf);
+    runAndVerifyBin("BQGHoM3lqYcsurCRq3PlUw==", keyWr, "", udf);
+    // null
+    runAndVerifyBin(null, keyWr, null, udf);
+  }
+
+  @Test
+  public void testAesDec192Bin() throws HiveException, NoSuchAlgorithmException {
+    int maxKeyLen = Cipher.getMaxAllowedKeyLength("AES");
+    // skip the test if Java Cryptography Extension (JCE) Unlimited Strength
+    // Jurisdiction Policy Files not installed
+    if (maxKeyLen < 192) {
+      return;
+    }
+    GenericUDFAesDecrypt udf = new GenericUDFAesDecrypt();
+    ObjectInspector valueOI0 = PrimitiveObjectInspectorFactory.writableBinaryObjectInspector;
+    ObjectInspector valueOI1 = PrimitiveObjectInspectorFactory.writableBinaryObjectInspector;
+    ObjectInspector[] arguments = { valueOI0, valueOI1 };
+
+    udf.initialize(arguments);
+
+    BytesWritable keyWr = new BytesWritable(("1234567890123456" + "12345678").getBytes());
+    runAndVerifyBin("ucvvpP9r2/LfQ6BilQuFtA==", keyWr, "ABC", udf);
+    runAndVerifyBin("KqMT3cF6VwSISMaUVUB4Qw==", keyWr, "", udf);
+    // null
+    runAndVerifyBin(null, keyWr, null, udf);
+  }
+
+  @Test
+  public void testAesDecKeyNullConstStr() throws HiveException {
+    GenericUDFAesDecrypt udf = new GenericUDFAesDecrypt();
+    ObjectInspector valueOI0 = PrimitiveObjectInspectorFactory.writableBinaryObjectInspector;
+    Text keyWr = null;
+    ObjectInspector valueOI1 = PrimitiveObjectInspectorFactory
+        .getPrimitiveWritableConstantObjectInspector(TypeInfoFactory.stringTypeInfo, keyWr);
+    ObjectInspector[] arguments = { valueOI0, valueOI1 };
+
+    udf.initialize(arguments);
+
+    runAndVerifyStr("y6Ss+zCYObpCbgfWfyNWTw==", keyWr, null, udf);
+  }
+
+  @Test
+  public void testAesDecKeyNullStr() throws HiveException {
+    GenericUDFAesDecrypt udf = new GenericUDFAesDecrypt();
+    ObjectInspector valueOI0 = PrimitiveObjectInspectorFactory.writableBinaryObjectInspector;
+    ObjectInspector valueOI1 = PrimitiveObjectInspectorFactory.writableStringObjectInspector;
+    ObjectInspector[] arguments = { valueOI0, valueOI1 };
+
+    udf.initialize(arguments);
+
+    Text keyWr = null;
+    runAndVerifyStr("y6Ss+zCYObpCbgfWfyNWTw==", keyWr, null, udf);
+  }
+
+  @Test
+  public void testAesDecKeyNullConstBin() throws HiveException {
+    GenericUDFAesDecrypt udf = new GenericUDFAesDecrypt();
+    ObjectInspector valueOI0 = PrimitiveObjectInspectorFactory.writableBinaryObjectInspector;
+    BytesWritable keyWr = null;
+    ObjectInspector valueOI1 = PrimitiveObjectInspectorFactory
+        .getPrimitiveWritableConstantObjectInspector(TypeInfoFactory.binaryTypeInfo, keyWr);
+    ObjectInspector[] arguments = { valueOI0, valueOI1 };
+
+    udf.initialize(arguments);
+
+    runAndVerifyBin("y6Ss+zCYObpCbgfWfyNWTw==", keyWr, null, udf);
+  }
+
+  @Test
+  public void testAesDecKeyNullBin() throws HiveException {
+    GenericUDFAesDecrypt udf = new GenericUDFAesDecrypt();
+    ObjectInspector valueOI0 = PrimitiveObjectInspectorFactory.writableBinaryObjectInspector;
+    ObjectInspector valueOI1 = PrimitiveObjectInspectorFactory.writableBinaryObjectInspector;
+    ObjectInspector[] arguments = { valueOI0, valueOI1 };
+
+    udf.initialize(arguments);
+
+    BytesWritable keyWr = null;
+    runAndVerifyBin("y6Ss+zCYObpCbgfWfyNWTw==", keyWr, null, udf);
+  }
+
+  private void runAndVerifyStr(String strBase64, Text keyWr, String expResult, GenericUDFAesDecrypt udf)
+      throws HiveException {
+    DeferredObject valueObj0 = new DeferredJavaObject(
+        strBase64 != null ? new BytesWritable(Base64.decodeBase64(strBase64)) : null);
+    DeferredObject valueObj1 = new DeferredJavaObject(keyWr);
+    DeferredObject[] args = { valueObj0, valueObj1 };
+    BytesWritable output = (BytesWritable) udf.evaluate(args);
+    String expResultHex = expResult == null ? null : Hex.encodeHexString(expResult.getBytes());
+    assertEquals("aes_decrypt() test ", expResultHex, output != null ? copyBytesAndHex(output) : null);
+  }
+
+  private void runAndVerifyBin(String strBase64, BytesWritable keyWr, String expResult, GenericUDFAesDecrypt udf)
+      throws HiveException {
+    DeferredObject valueObj0 = new DeferredJavaObject(
+        strBase64 != null ? new BytesWritable(Base64.decodeBase64(strBase64)) : null);
+    DeferredObject valueObj1 = new DeferredJavaObject(keyWr);
+    DeferredObject[] args = { valueObj0, valueObj1 };
+    BytesWritable output = (BytesWritable) udf.evaluate(args);
+    String expResultHex = expResult == null ? null : Hex.encodeHexString(expResult.getBytes());
+    assertEquals("aes_decrypt() test ", expResultHex, output != null ? copyBytesAndHex(output) : null);
+  }
+
+  private String copyBytesAndHex(BytesWritable bw) {
+    int size = bw.getLength();
+    byte[] bytes = new byte[size];
+    System.arraycopy(bw.getBytes(), 0, bytes, 0, size);
+    return Hex.encodeHexString(bytes);
+  }
+}

http://git-wip-us.apache.org/repos/asf/hive/blob/f4acb44f/ql/src/test/org/apache/hadoop/hive/ql/udf/generic/TestGenericUDFAesEncrypt.java
----------------------------------------------------------------------
diff --git a/ql/src/test/org/apache/hadoop/hive/ql/udf/generic/TestGenericUDFAesEncrypt.java b/ql/src/test/org/apache/hadoop/hive/ql/udf/generic/TestGenericUDFAesEncrypt.java
new file mode 100644
index 0000000..5e5914d
--- /dev/null
+++ b/ql/src/test/org/apache/hadoop/hive/ql/udf/generic/TestGenericUDFAesEncrypt.java
@@ -0,0 +1,228 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.hadoop.hive.ql.udf.generic;
+
+import static org.junit.Assert.assertEquals;
+
+import java.security.NoSuchAlgorithmException;
+
+import javax.crypto.Cipher;
+
+import org.apache.commons.codec.binary.Base64;
+import org.apache.hadoop.hive.ql.metadata.HiveException;
+import org.apache.hadoop.hive.ql.udf.generic.GenericUDF.DeferredJavaObject;
+import org.apache.hadoop.hive.ql.udf.generic.GenericUDF.DeferredObject;
+import org.apache.hadoop.hive.serde2.objectinspector.ObjectInspector;
+import org.apache.hadoop.hive.serde2.objectinspector.primitive.PrimitiveObjectInspectorFactory;
+import org.apache.hadoop.hive.serde2.typeinfo.TypeInfoFactory;
+import org.apache.hadoop.io.BytesWritable;
+import org.apache.hadoop.io.Text;
+import org.junit.Test;
+
+public class TestGenericUDFAesEncrypt {
+
+  @Test
+  public void testAesEnc128ConstStr() throws HiveException {
+    GenericUDFAesEncrypt udf = new GenericUDFAesEncrypt();
+    ObjectInspector valueOI0 = PrimitiveObjectInspectorFactory.writableStringObjectInspector;
+    Text keyWr = new Text("1234567890123456");
+    ObjectInspector valueOI1 = PrimitiveObjectInspectorFactory
+        .getPrimitiveWritableConstantObjectInspector(TypeInfoFactory.stringTypeInfo, keyWr);
+    ObjectInspector[] arguments = { valueOI0, valueOI1 };
+
+    udf.initialize(arguments);
+
+    runAndVerifyStr("ABC", keyWr, "y6Ss+zCYObpCbgfWfyNWTw==", udf);
+    runAndVerifyStr("", keyWr, "BQGHoM3lqYcsurCRq3PlUw==", udf);
+    // null
+    runAndVerifyStr(null, keyWr, null, udf);
+  }
+
+  @Test
+  public void testAesEnc256ConstStr() throws HiveException, NoSuchAlgorithmException {
+    int maxKeyLen = Cipher.getMaxAllowedKeyLength("AES");
+    // skip the test if Java Cryptography Extension (JCE) Unlimited Strength
+    // Jurisdiction Policy Files not installed
+    if (maxKeyLen < 256) {
+      return;
+    }
+    GenericUDFAesEncrypt udf = new GenericUDFAesEncrypt();
+    ObjectInspector valueOI0 = PrimitiveObjectInspectorFactory.writableStringObjectInspector;
+    Text keyWr = new Text("1234567890123456" + "1234567890123456");
+    ObjectInspector valueOI1 = PrimitiveObjectInspectorFactory
+        .getPrimitiveWritableConstantObjectInspector(TypeInfoFactory.stringTypeInfo, keyWr);
+    ObjectInspector[] arguments = { valueOI0, valueOI1 };
+
+    udf.initialize(arguments);
+
+    runAndVerifyStr("ABC", keyWr, "nYfCuJeRd5eD60yXDw7WEA==", udf);
+    runAndVerifyStr("", keyWr, "mVClVqZ6W4VF6b842FOgCA==", udf);
+    // null
+    runAndVerifyStr(null, keyWr, null, udf);
+  }
+
+  @Test
+  public void testAesEnc128Str() throws HiveException {
+    GenericUDFAesEncrypt udf = new GenericUDFAesEncrypt();
+    ObjectInspector valueOI0 = PrimitiveObjectInspectorFactory.writableStringObjectInspector;
+    ObjectInspector valueOI1 = PrimitiveObjectInspectorFactory.writableStringObjectInspector;
+    ObjectInspector[] arguments = { valueOI0, valueOI1 };
+
+    udf.initialize(arguments);
+
+    Text keyWr = new Text("1234567890123456");
+    runAndVerifyStr("ABC", keyWr, "y6Ss+zCYObpCbgfWfyNWTw==", udf);
+    runAndVerifyStr("", keyWr, "BQGHoM3lqYcsurCRq3PlUw==", udf);
+    // null
+    runAndVerifyStr(null, keyWr, null, udf);
+  }
+
+  @Test
+  public void testAesEnc128ConstBin() throws HiveException {
+    GenericUDFAesEncrypt udf = new GenericUDFAesEncrypt();
+    ObjectInspector valueOI0 = PrimitiveObjectInspectorFactory.writableBinaryObjectInspector;
+    BytesWritable keyWr = new BytesWritable("1234567890123456".getBytes());
+    ObjectInspector valueOI1 = PrimitiveObjectInspectorFactory
+        .getPrimitiveWritableConstantObjectInspector(TypeInfoFactory.binaryTypeInfo, keyWr);
+    ObjectInspector[] arguments = { valueOI0, valueOI1 };
+
+    udf.initialize(arguments);
+
+    runAndVerifyBin(new byte[] { 65, 66, 67 }, keyWr, "y6Ss+zCYObpCbgfWfyNWTw==", udf);
+    runAndVerifyBin(new byte[0], keyWr, "BQGHoM3lqYcsurCRq3PlUw==", udf);
+    // null
+    runAndVerifyBin(null, keyWr, null, udf);
+  }
+
+  @Test
+  public void testAesEnc128Bin() throws HiveException {
+    GenericUDFAesEncrypt udf = new GenericUDFAesEncrypt();
+    ObjectInspector valueOI0 = PrimitiveObjectInspectorFactory.writableBinaryObjectInspector;
+    ObjectInspector valueOI1 = PrimitiveObjectInspectorFactory.writableBinaryObjectInspector;
+    ObjectInspector[] arguments = { valueOI0, valueOI1 };
+
+    udf.initialize(arguments);
+
+    BytesWritable keyWr = new BytesWritable("1234567890123456".getBytes());
+    runAndVerifyBin(new byte[] { 65, 66, 67 }, keyWr, "y6Ss+zCYObpCbgfWfyNWTw==", udf);
+    runAndVerifyBin(new byte[0], keyWr, "BQGHoM3lqYcsurCRq3PlUw==", udf);
+    // null
+    runAndVerifyBin(null, keyWr, null, udf);
+  }
+
+  @Test
+  public void testAesEnc192Bin() throws HiveException, NoSuchAlgorithmException {
+    int maxKeyLen = Cipher.getMaxAllowedKeyLength("AES");
+    // skip the test if Java Cryptography Extension (JCE) Unlimited Strength
+    // Jurisdiction Policy Files not installed
+    if (maxKeyLen < 192) {
+      return;
+    }
+    GenericUDFAesEncrypt udf = new GenericUDFAesEncrypt();
+    ObjectInspector valueOI0 = PrimitiveObjectInspectorFactory.writableBinaryObjectInspector;
+    ObjectInspector valueOI1 = PrimitiveObjectInspectorFactory.writableBinaryObjectInspector;
+    ObjectInspector[] arguments = { valueOI0, valueOI1 };
+
+    udf.initialize(arguments);
+
+    BytesWritable keyWr = new BytesWritable(("1234567890123456" + "12345678").getBytes());
+    runAndVerifyBin(new byte[] { 65, 66, 67 }, keyWr, "ucvvpP9r2/LfQ6BilQuFtA==", udf);
+    runAndVerifyBin(new byte[0], keyWr, "KqMT3cF6VwSISMaUVUB4Qw==", udf);
+    // null
+    runAndVerifyBin(null, keyWr, null, udf);
+  }
+
+  @Test
+  public void testAesEncKeyNullConstStr() throws HiveException {
+    GenericUDFAesEncrypt udf = new GenericUDFAesEncrypt();
+    ObjectInspector valueOI0 = PrimitiveObjectInspectorFactory.writableStringObjectInspector;
+    Text keyWr = null;
+    ObjectInspector valueOI1 = PrimitiveObjectInspectorFactory
+        .getPrimitiveWritableConstantObjectInspector(TypeInfoFactory.stringTypeInfo, keyWr);
+    ObjectInspector[] arguments = { valueOI0, valueOI1 };
+
+    udf.initialize(arguments);
+
+    runAndVerifyStr("ABC", keyWr, null, udf);
+  }
+
+  @Test
+  public void testAesEncKeyNullStr() throws HiveException {
+    GenericUDFAesEncrypt udf = new GenericUDFAesEncrypt();
+    ObjectInspector valueOI0 = PrimitiveObjectInspectorFactory.writableStringObjectInspector;
+    ObjectInspector valueOI1 = PrimitiveObjectInspectorFactory.writableStringObjectInspector;
+    ObjectInspector[] arguments = { valueOI0, valueOI1 };
+
+    udf.initialize(arguments);
+
+    Text keyWr = null;
+    runAndVerifyStr("ABC", keyWr, null, udf);
+  }
+
+  @Test
+  public void testAesEncKeyNullConstBin() throws HiveException {
+    GenericUDFAesEncrypt udf = new GenericUDFAesEncrypt();
+    ObjectInspector valueOI0 = PrimitiveObjectInspectorFactory.writableBinaryObjectInspector;
+    BytesWritable keyWr = null;
+    ObjectInspector valueOI1 = PrimitiveObjectInspectorFactory
+        .getPrimitiveWritableConstantObjectInspector(TypeInfoFactory.binaryTypeInfo, keyWr);
+    ObjectInspector[] arguments = { valueOI0, valueOI1 };
+
+    udf.initialize(arguments);
+
+    runAndVerifyBin(new byte[] { 65, 66, 67 }, keyWr, null, udf);
+  }
+
+  @Test
+  public void testAesEncKeyNullBin() throws HiveException {
+    GenericUDFAesEncrypt udf = new GenericUDFAesEncrypt();
+    ObjectInspector valueOI0 = PrimitiveObjectInspectorFactory.writableBinaryObjectInspector;
+    ObjectInspector valueOI1 = PrimitiveObjectInspectorFactory.writableBinaryObjectInspector;
+    ObjectInspector[] arguments = { valueOI0, valueOI1 };
+
+    udf.initialize(arguments);
+
+    BytesWritable keyWr = null;
+    runAndVerifyBin(new byte[] { 65, 66, 67 }, keyWr, null, udf);
+  }
+
+  private void runAndVerifyStr(String str, Text keyWr, String expResultBase64, GenericUDFAesEncrypt udf)
+      throws HiveException {
+    DeferredObject valueObj0 = new DeferredJavaObject(str != null ? new Text(str) : null);
+    DeferredObject valueObj1 = new DeferredJavaObject(keyWr);
+    DeferredObject[] args = { valueObj0, valueObj1 };
+    BytesWritable output = (BytesWritable) udf.evaluate(args);
+    assertEquals("aes_encrypt() test ", expResultBase64, output != null ? copyBytesAndBase64(output) : null);
+  }
+
+  private void runAndVerifyBin(byte[] b, BytesWritable keyWr, String expResultBase64, GenericUDFAesEncrypt udf)
+      throws HiveException {
+    DeferredObject valueObj0 = new DeferredJavaObject(b != null ? new BytesWritable(b) : null);
+    DeferredObject valueObj1 = new DeferredJavaObject(keyWr);
+    DeferredObject[] args = { valueObj0, valueObj1 };
+    BytesWritable output = (BytesWritable) udf.evaluate(args);
+    assertEquals("aes_encrypt() test ", expResultBase64, output != null ? copyBytesAndBase64(output) : null);
+  }
+
+  private String copyBytesAndBase64(BytesWritable bw) {
+    int size = bw.getLength();
+    byte[] bytes = new byte[size];
+    System.arraycopy(bw.getBytes(), 0, bytes, 0, size);
+    return new String(Base64.encodeBase64(bytes));
+  }
+}

http://git-wip-us.apache.org/repos/asf/hive/blob/f4acb44f/ql/src/test/queries/clientpositive/udf_aes_decrypt.q
----------------------------------------------------------------------
diff --git a/ql/src/test/queries/clientpositive/udf_aes_decrypt.q b/ql/src/test/queries/clientpositive/udf_aes_decrypt.q
new file mode 100644
index 0000000..36a0cf9
--- /dev/null
+++ b/ql/src/test/queries/clientpositive/udf_aes_decrypt.q
@@ -0,0 +1,21 @@
+DESCRIBE FUNCTION aes_decrypt;
+DESC FUNCTION EXTENDED aes_decrypt;
+
+explain select aes_decrypt(unbase64("y6Ss+zCYObpCbgfWfyNWTw=="), '1234567890123456');
+
+select
+aes_decrypt(unbase64("y6Ss+zCYObpCbgfWfyNWTw=="), '1234567890123456'),
+aes_decrypt(unbase64("y6Ss+zCYObpCbgfWfyNWTw=="), binary('1234567890123456')),
+aes_decrypt(unbase64("BQGHoM3lqYcsurCRq3PlUw=="), '1234567890123456') = binary(''),
+aes_decrypt(unbase64("BQGHoM3lqYcsurCRq3PlUw=="), binary('1234567890123456')) = binary(''),
+aes_decrypt(cast(null as binary), '1234567890123456'),
+aes_decrypt(cast(null as binary), binary('1234567890123456'));
+
+--bad key
+select
+aes_decrypt(unbase64("y6Ss+zCYObpCbgfWfyNWTw=="), '12345678901234567'),
+aes_decrypt(unbase64("y6Ss+zCYObpCbgfWfyNWTw=="), binary('123456789012345')),
+aes_decrypt(unbase64("y6Ss+zCYObpCbgfWfyNWTw=="), ''),
+aes_decrypt(unbase64("y6Ss+zCYObpCbgfWfyNWTw=="), binary('')),
+aes_decrypt(unbase64("y6Ss+zCYObpCbgfWfyNWTw=="), cast(null as string)),
+aes_decrypt(unbase64("y6Ss+zCYObpCbgfWfyNWTw=="), cast(null as binary));
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/hive/blob/f4acb44f/ql/src/test/queries/clientpositive/udf_aes_encrypt.q
----------------------------------------------------------------------
diff --git a/ql/src/test/queries/clientpositive/udf_aes_encrypt.q b/ql/src/test/queries/clientpositive/udf_aes_encrypt.q
new file mode 100644
index 0000000..2f03943
--- /dev/null
+++ b/ql/src/test/queries/clientpositive/udf_aes_encrypt.q
@@ -0,0 +1,21 @@
+DESCRIBE FUNCTION aes_encrypt;
+DESC FUNCTION EXTENDED aes_encrypt;
+
+explain select aes_encrypt('ABC', '1234567890123456');
+
+select
+base64(aes_encrypt('ABC', '1234567890123456')),
+base64(aes_encrypt('', '1234567890123456')),
+base64(aes_encrypt(binary('ABC'), binary('1234567890123456'))),
+base64(aes_encrypt(binary(''), binary('1234567890123456'))),
+aes_encrypt(cast(null as string), '1234567890123456'),
+aes_encrypt(cast(null as binary), binary('1234567890123456'));
+
+--bad key
+select
+aes_encrypt('ABC', '12345678901234567'),
+aes_encrypt(binary('ABC'), binary('123456789012345')),
+aes_encrypt('ABC', ''),
+aes_encrypt(binary('ABC'), binary('')),
+aes_encrypt('ABC', cast(null as string)),
+aes_encrypt(binary('ABC'), cast(null as binary));
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/hive/blob/f4acb44f/ql/src/test/results/clientpositive/show_functions.q.out
----------------------------------------------------------------------
diff --git a/ql/src/test/results/clientpositive/show_functions.q.out b/ql/src/test/results/clientpositive/show_functions.q.out
index 540079b..fbcd86a 100644
--- a/ql/src/test/results/clientpositive/show_functions.q.out
+++ b/ql/src/test/results/clientpositive/show_functions.q.out
@@ -22,6 +22,8 @@ POSTHOOK: type: SHOWFUNCTIONS
 abs
 acos
 add_months
+aes_decrypt
+aes_encrypt
 and
 array
 array_contains

http://git-wip-us.apache.org/repos/asf/hive/blob/f4acb44f/ql/src/test/results/clientpositive/udf_aes_decrypt.q.out
----------------------------------------------------------------------
diff --git a/ql/src/test/results/clientpositive/udf_aes_decrypt.q.out b/ql/src/test/results/clientpositive/udf_aes_decrypt.q.out
new file mode 100644
index 0000000..83780a9
--- /dev/null
+++ b/ql/src/test/results/clientpositive/udf_aes_decrypt.q.out
@@ -0,0 +1,79 @@
+PREHOOK: query: DESCRIBE FUNCTION aes_decrypt
+PREHOOK: type: DESCFUNCTION
+POSTHOOK: query: DESCRIBE FUNCTION aes_decrypt
+POSTHOOK: type: DESCFUNCTION
+aes_decrypt(input binary, key string/binary) - Decrypt input using AES.
+PREHOOK: query: DESC FUNCTION EXTENDED aes_decrypt
+PREHOOK: type: DESCFUNCTION
+POSTHOOK: query: DESC FUNCTION EXTENDED aes_decrypt
+POSTHOOK: type: DESCFUNCTION
+aes_decrypt(input binary, key string/binary) - Decrypt input using AES.
+AES (Advanced Encryption Standard) algorithm. Key lengths of 128, 192 or 256 bits can be used. 192 and 256 bits keys can be used if Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files are installed. If either argument is NULL or the key length is not one of the permitted values, the return value is NULL.
+Example: > SELECT aes_decrypt(unbase64('y6Ss+zCYObpCbgfWfyNWTw=='), '1234567890123456');
+ 'ABC'
+PREHOOK: query: explain select aes_decrypt(unbase64("y6Ss+zCYObpCbgfWfyNWTw=="), '1234567890123456')
+PREHOOK: type: QUERY
+POSTHOOK: query: explain select aes_decrypt(unbase64("y6Ss+zCYObpCbgfWfyNWTw=="), '1234567890123456')
+POSTHOOK: type: QUERY
+STAGE DEPENDENCIES:
+  Stage-0 is a root stage
+
+STAGE PLANS:
+  Stage: Stage-0
+    Fetch Operator
+      limit: -1
+      Processor Tree:
+        TableScan
+          alias: _dummy_table
+          Row Limit Per Split: 1
+          Statistics: Num rows: 1 Data size: 1 Basic stats: COMPLETE Column stats: COMPLETE
+          Select Operator
+            expressions: 414243 (type: binary)
+            outputColumnNames: _col0
+            Statistics: Num rows: 1 Data size: 48 Basic stats: COMPLETE Column stats: COMPLETE
+            ListSink
+
+PREHOOK: query: select
+aes_decrypt(unbase64("y6Ss+zCYObpCbgfWfyNWTw=="), '1234567890123456'),
+aes_decrypt(unbase64("y6Ss+zCYObpCbgfWfyNWTw=="), binary('1234567890123456')),
+aes_decrypt(unbase64("BQGHoM3lqYcsurCRq3PlUw=="), '1234567890123456') = binary(''),
+aes_decrypt(unbase64("BQGHoM3lqYcsurCRq3PlUw=="), binary('1234567890123456')) = binary(''),
+aes_decrypt(cast(null as binary), '1234567890123456'),
+aes_decrypt(cast(null as binary), binary('1234567890123456'))
+PREHOOK: type: QUERY
+PREHOOK: Input: _dummy_database@_dummy_table
+#### A masked pattern was here ####
+POSTHOOK: query: select
+aes_decrypt(unbase64("y6Ss+zCYObpCbgfWfyNWTw=="), '1234567890123456'),
+aes_decrypt(unbase64("y6Ss+zCYObpCbgfWfyNWTw=="), binary('1234567890123456')),
+aes_decrypt(unbase64("BQGHoM3lqYcsurCRq3PlUw=="), '1234567890123456') = binary(''),
+aes_decrypt(unbase64("BQGHoM3lqYcsurCRq3PlUw=="), binary('1234567890123456')) = binary(''),
+aes_decrypt(cast(null as binary), '1234567890123456'),
+aes_decrypt(cast(null as binary), binary('1234567890123456'))
+POSTHOOK: type: QUERY
+POSTHOOK: Input: _dummy_database@_dummy_table
+#### A masked pattern was here ####
+ABC	ABC	true	true	NULL	NULL
+PREHOOK: query: --bad key
+select
+aes_decrypt(unbase64("y6Ss+zCYObpCbgfWfyNWTw=="), '12345678901234567'),
+aes_decrypt(unbase64("y6Ss+zCYObpCbgfWfyNWTw=="), binary('123456789012345')),
+aes_decrypt(unbase64("y6Ss+zCYObpCbgfWfyNWTw=="), ''),
+aes_decrypt(unbase64("y6Ss+zCYObpCbgfWfyNWTw=="), binary('')),
+aes_decrypt(unbase64("y6Ss+zCYObpCbgfWfyNWTw=="), cast(null as string)),
+aes_decrypt(unbase64("y6Ss+zCYObpCbgfWfyNWTw=="), cast(null as binary))
+PREHOOK: type: QUERY
+PREHOOK: Input: _dummy_database@_dummy_table
+#### A masked pattern was here ####
+POSTHOOK: query: --bad key
+select
+aes_decrypt(unbase64("y6Ss+zCYObpCbgfWfyNWTw=="), '12345678901234567'),
+aes_decrypt(unbase64("y6Ss+zCYObpCbgfWfyNWTw=="), binary('123456789012345')),
+aes_decrypt(unbase64("y6Ss+zCYObpCbgfWfyNWTw=="), ''),
+aes_decrypt(unbase64("y6Ss+zCYObpCbgfWfyNWTw=="), binary('')),
+aes_decrypt(unbase64("y6Ss+zCYObpCbgfWfyNWTw=="), cast(null as string)),
+aes_decrypt(unbase64("y6Ss+zCYObpCbgfWfyNWTw=="), cast(null as binary))
+POSTHOOK: type: QUERY
+POSTHOOK: Input: _dummy_database@_dummy_table
+#### A masked pattern was here ####
+NULL	NULL	NULL	NULL	NULL	NULL

http://git-wip-us.apache.org/repos/asf/hive/blob/f4acb44f/ql/src/test/results/clientpositive/udf_aes_encrypt.q.out
----------------------------------------------------------------------
diff --git a/ql/src/test/results/clientpositive/udf_aes_encrypt.q.out b/ql/src/test/results/clientpositive/udf_aes_encrypt.q.out
new file mode 100644
index 0000000..9e356b2
--- /dev/null
+++ b/ql/src/test/results/clientpositive/udf_aes_encrypt.q.out
@@ -0,0 +1,79 @@
+PREHOOK: query: DESCRIBE FUNCTION aes_encrypt
+PREHOOK: type: DESCFUNCTION
+POSTHOOK: query: DESCRIBE FUNCTION aes_encrypt
+POSTHOOK: type: DESCFUNCTION
+aes_encrypt(input string/binary, key string/binary) - Encrypt input using AES.
+PREHOOK: query: DESC FUNCTION EXTENDED aes_encrypt
+PREHOOK: type: DESCFUNCTION
+POSTHOOK: query: DESC FUNCTION EXTENDED aes_encrypt
+POSTHOOK: type: DESCFUNCTION
+aes_encrypt(input string/binary, key string/binary) - Encrypt input using AES.
+AES (Advanced Encryption Standard) algorithm. Key lengths of 128, 192 or 256 bits can be used. 192 and 256 bits keys can be used if Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files are installed. If either argument is NULL or the key length is not one of the permitted values, the return value is NULL.
+Example: > SELECT base64(aes_encrypt('ABC', '1234567890123456'));
+ 'y6Ss+zCYObpCbgfWfyNWTw=='
+PREHOOK: query: explain select aes_encrypt('ABC', '1234567890123456')
+PREHOOK: type: QUERY
+POSTHOOK: query: explain select aes_encrypt('ABC', '1234567890123456')
+POSTHOOK: type: QUERY
+STAGE DEPENDENCIES:
+  Stage-0 is a root stage
+
+STAGE PLANS:
+  Stage: Stage-0
+    Fetch Operator
+      limit: -1
+      Processor Tree:
+        TableScan
+          alias: _dummy_table
+          Row Limit Per Split: 1
+          Statistics: Num rows: 1 Data size: 1 Basic stats: COMPLETE Column stats: COMPLETE
+          Select Operator
+            expressions: CBA4ACFB309839BA426E07D67F23564F (type: binary)
+            outputColumnNames: _col0
+            Statistics: Num rows: 1 Data size: 56 Basic stats: COMPLETE Column stats: COMPLETE
+            ListSink
+
+PREHOOK: query: select
+base64(aes_encrypt('ABC', '1234567890123456')),
+base64(aes_encrypt('', '1234567890123456')),
+base64(aes_encrypt(binary('ABC'), binary('1234567890123456'))),
+base64(aes_encrypt(binary(''), binary('1234567890123456'))),
+aes_encrypt(cast(null as string), '1234567890123456'),
+aes_encrypt(cast(null as binary), binary('1234567890123456'))
+PREHOOK: type: QUERY
+PREHOOK: Input: _dummy_database@_dummy_table
+#### A masked pattern was here ####
+POSTHOOK: query: select
+base64(aes_encrypt('ABC', '1234567890123456')),
+base64(aes_encrypt('', '1234567890123456')),
+base64(aes_encrypt(binary('ABC'), binary('1234567890123456'))),
+base64(aes_encrypt(binary(''), binary('1234567890123456'))),
+aes_encrypt(cast(null as string), '1234567890123456'),
+aes_encrypt(cast(null as binary), binary('1234567890123456'))
+POSTHOOK: type: QUERY
+POSTHOOK: Input: _dummy_database@_dummy_table
+#### A masked pattern was here ####
+y6Ss+zCYObpCbgfWfyNWTw==	BQGHoM3lqYcsurCRq3PlUw==	y6Ss+zCYObpCbgfWfyNWTw==	BQGHoM3lqYcsurCRq3PlUw==	NULL	NULL
+PREHOOK: query: --bad key
+select
+aes_encrypt('ABC', '12345678901234567'),
+aes_encrypt(binary('ABC'), binary('123456789012345')),
+aes_encrypt('ABC', ''),
+aes_encrypt(binary('ABC'), binary('')),
+aes_encrypt('ABC', cast(null as string)),
+aes_encrypt(binary('ABC'), cast(null as binary))
+PREHOOK: type: QUERY
+PREHOOK: Input: _dummy_database@_dummy_table
+#### A masked pattern was here ####
+POSTHOOK: query: --bad key
+select
+aes_encrypt('ABC', '12345678901234567'),
+aes_encrypt(binary('ABC'), binary('123456789012345')),
+aes_encrypt('ABC', ''),
+aes_encrypt(binary('ABC'), binary('')),
+aes_encrypt('ABC', cast(null as string)),
+aes_encrypt(binary('ABC'), cast(null as binary))
+POSTHOOK: type: QUERY
+POSTHOOK: Input: _dummy_database@_dummy_table
+#### A masked pattern was here ####
+NULL	NULL	NULL	NULL	NULL	NULL


Mime
View raw message