Return-Path: X-Original-To: apmail-hive-commits-archive@www.apache.org Delivered-To: apmail-hive-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 5FB5D17577 for ; Wed, 9 Sep 2015 02:18:06 +0000 (UTC) Received: (qmail 83173 invoked by uid 500); 9 Sep 2015 02:18:06 -0000 Delivered-To: apmail-hive-commits-archive@hive.apache.org Received: (qmail 83040 invoked by uid 500); 9 Sep 2015 02:18:06 -0000 Mailing-List: contact commits-help@hive.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: hive-dev@hive.apache.org Delivered-To: mailing list commits@hive.apache.org Received: (qmail 82649 invoked by uid 99); 9 Sep 2015 02:18:06 -0000 Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org) (140.211.11.23) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 09 Sep 2015 02:18:06 +0000 Received: by git1-us-west.apache.org (ASF Mail Server at git1-us-west.apache.org, from userid 33) id E2C36E041F; Wed, 9 Sep 2015 02:18:05 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: sershe@apache.org To: commits@hive.apache.org Date: Wed, 09 Sep 2015 02:18:07 -0000 Message-Id: <813c242e141c4b2ca4b45c589a2abbb5@git.apache.org> In-Reply-To: <0867e114569d41d2962cc37f8a8a8667@git.apache.org> References: <0867e114569d41d2962cc37f8a8a8667@git.apache.org> X-Mailer: ASF-Git Admin Mailer Subject: [03/11] hive git commit: HIVE-11593 Add aes_encrypt and aes_decrypt UDFs (Alexander Pivovarov, reviewed by Jason Dere) HIVE-11593 Add aes_encrypt and aes_decrypt UDFs (Alexander Pivovarov, reviewed by Jason Dere) Project: http://git-wip-us.apache.org/repos/asf/hive/repo Commit: http://git-wip-us.apache.org/repos/asf/hive/commit/f4acb44f Tree: http://git-wip-us.apache.org/repos/asf/hive/tree/f4acb44f Diff: http://git-wip-us.apache.org/repos/asf/hive/diff/f4acb44f Branch: refs/heads/llap Commit: f4acb44f67b64e85f53de6d8503ef2ae6e0fa524 Parents: 8bed378 Author: Alexander Pivovarov Authored: Sun Aug 16 18:36:32 2015 -0700 Committer: Alexander Pivovarov Committed: Sat Sep 5 19:24:50 2015 -0700 ---------------------------------------------------------------------- .../hadoop/hive/ql/exec/FunctionRegistry.java | 2 + .../hive/ql/udf/generic/GenericUDFAesBase.java | 205 ++++++++++++++++ .../ql/udf/generic/GenericUDFAesDecrypt.java | 50 ++++ .../ql/udf/generic/GenericUDFAesEncrypt.java | 50 ++++ .../ql/udf/generic/GenericUDFParamUtils.java | 8 +- .../udf/generic/TestGenericUDFAesDecrypt.java | 233 +++++++++++++++++++ .../udf/generic/TestGenericUDFAesEncrypt.java | 228 ++++++++++++++++++ .../queries/clientpositive/udf_aes_decrypt.q | 21 ++ .../queries/clientpositive/udf_aes_encrypt.q | 21 ++ .../results/clientpositive/show_functions.q.out | 2 + .../clientpositive/udf_aes_decrypt.q.out | 79 +++++++ .../clientpositive/udf_aes_encrypt.q.out | 79 +++++++ 12 files changed, 977 insertions(+), 1 deletion(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/hive/blob/f4acb44f/ql/src/java/org/apache/hadoop/hive/ql/exec/FunctionRegistry.java ---------------------------------------------------------------------- diff --git a/ql/src/java/org/apache/hadoop/hive/ql/exec/FunctionRegistry.java b/ql/src/java/org/apache/hadoop/hive/ql/exec/FunctionRegistry.java index 4c1c53e..f1fe30d 100644 --- a/ql/src/java/org/apache/hadoop/hive/ql/exec/FunctionRegistry.java +++ b/ql/src/java/org/apache/hadoop/hive/ql/exec/FunctionRegistry.java @@ -234,6 +234,8 @@ public final class FunctionRegistry { system.registerUDF("md5", UDFMd5.class, false); system.registerUDF("sha1", UDFSha1.class, false); system.registerUDF("sha", UDFSha1.class, false); + system.registerGenericUDF("aes_encrypt", GenericUDFAesEncrypt.class); + system.registerGenericUDF("aes_decrypt", GenericUDFAesDecrypt.class); system.registerGenericUDF("encode", GenericUDFEncode.class); system.registerGenericUDF("decode", GenericUDFDecode.class); http://git-wip-us.apache.org/repos/asf/hive/blob/f4acb44f/ql/src/java/org/apache/hadoop/hive/ql/udf/generic/GenericUDFAesBase.java ---------------------------------------------------------------------- diff --git a/ql/src/java/org/apache/hadoop/hive/ql/udf/generic/GenericUDFAesBase.java b/ql/src/java/org/apache/hadoop/hive/ql/udf/generic/GenericUDFAesBase.java new file mode 100644 index 0000000..66a4457 --- /dev/null +++ b/ql/src/java/org/apache/hadoop/hive/ql/udf/generic/GenericUDFAesBase.java @@ -0,0 +1,205 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.hadoop.hive.ql.udf.generic; + +import static org.apache.hadoop.hive.serde2.objectinspector.primitive.PrimitiveObjectInspectorUtils.PrimitiveGrouping.BINARY_GROUP; +import static org.apache.hadoop.hive.serde2.objectinspector.primitive.PrimitiveObjectInspectorUtils.PrimitiveGrouping.STRING_GROUP; + +import java.security.GeneralSecurityException; +import java.security.NoSuchAlgorithmException; + +import javax.crypto.Cipher; +import javax.crypto.NoSuchPaddingException; +import javax.crypto.SecretKey; +import javax.crypto.spec.SecretKeySpec; + +import org.apache.hadoop.hive.ql.exec.UDFArgumentException; +import org.apache.hadoop.hive.ql.metadata.HiveException; +import org.apache.hadoop.hive.serde2.objectinspector.ConstantObjectInspector; +import org.apache.hadoop.hive.serde2.objectinspector.ObjectInspector; +import org.apache.hadoop.hive.serde2.objectinspector.ObjectInspectorConverters.Converter; +import org.apache.hadoop.hive.serde2.objectinspector.PrimitiveObjectInspector.PrimitiveCategory; +import org.apache.hadoop.hive.serde2.objectinspector.primitive.PrimitiveObjectInspectorFactory; +import org.apache.hadoop.hive.serde2.objectinspector.primitive.PrimitiveObjectInspectorUtils; +import org.apache.hadoop.io.BytesWritable; +import org.apache.hadoop.io.Text; + +/** + * GenericUDFAesBase. + * + */ +public abstract class GenericUDFAesBase extends GenericUDF { + protected transient Converter[] converters = new Converter[2]; + protected transient PrimitiveCategory[] inputTypes = new PrimitiveCategory[2]; + protected final BytesWritable output = new BytesWritable(); + protected transient boolean isStr0; + protected transient boolean isStr1; + protected transient boolean isKeyConstant; + protected transient Cipher cipher; + protected transient SecretKey secretKey; + + @Override + public ObjectInspector initialize(ObjectInspector[] arguments) throws UDFArgumentException { + checkArgsSize(arguments, 2, 2); + + checkArgPrimitive(arguments, 0); + checkArgPrimitive(arguments, 1); + + // the function should support both string and binary input types + if (canParam0BeStr()) { + checkArgGroups(arguments, 0, inputTypes, STRING_GROUP, BINARY_GROUP); + } else { + checkArgGroups(arguments, 0, inputTypes, BINARY_GROUP); + } + checkArgGroups(arguments, 1, inputTypes, STRING_GROUP, BINARY_GROUP); + + if (isStr0 = PrimitiveObjectInspectorUtils.getPrimitiveGrouping(inputTypes[0]) == STRING_GROUP) { + obtainStringConverter(arguments, 0, inputTypes, converters); + } else { + GenericUDFParamUtils.obtainBinaryConverter(arguments, 0, inputTypes, converters); + } + + isKeyConstant = arguments[1] instanceof ConstantObjectInspector; + byte[] key = null; + int keyLength = 0; + + if (isStr1 = PrimitiveObjectInspectorUtils.getPrimitiveGrouping(inputTypes[1]) == STRING_GROUP) { + if (isKeyConstant) { + String keyStr = getConstantStringValue(arguments, 1); + if (keyStr != null) { + key = keyStr.getBytes(); + keyLength = key.length; + } + } else { + obtainStringConverter(arguments, 1, inputTypes, converters); + } + } else { + if (isKeyConstant) { + BytesWritable keyWr = GenericUDFParamUtils.getConstantBytesValue(arguments, 1); + if (keyWr != null) { + key = keyWr.getBytes(); + keyLength = keyWr.getLength(); + } + } else { + GenericUDFParamUtils.obtainBinaryConverter(arguments, 1, inputTypes, converters); + } + } + + if (key != null) { + secretKey = getSecretKey(key, keyLength); + } + + try { + cipher = Cipher.getInstance("AES"); + } catch (NoSuchPaddingException | NoSuchAlgorithmException e) { + throw new RuntimeException(e); + } + + ObjectInspector outputOI = PrimitiveObjectInspectorFactory.writableBinaryObjectInspector; + return outputOI; + } + + @Override + public Object evaluate(DeferredObject[] arguments) throws HiveException { + byte[] input; + int inputLength; + + if (isStr0) { + Text n = GenericUDFParamUtils.getTextValue(arguments, 0, converters); + if (n == null) { + return null; + } + input = n.getBytes(); + inputLength = n.getLength(); + } else { + BytesWritable bWr = GenericUDFParamUtils.getBinaryValue(arguments, 0, converters); + if (bWr == null) { + return null; + } + input = bWr.getBytes(); + inputLength = bWr.getLength(); + } + + if (input == null) { + return null; + } + + SecretKey secretKey; + if (isKeyConstant) { + secretKey = this.secretKey; + } else { + byte[] key; + int keyLength; + if (isStr1) { + Text n = GenericUDFParamUtils.getTextValue(arguments, 1, converters); + if (n == null) { + return null; + } + key = n.getBytes(); + keyLength = n.getLength(); + } else { + BytesWritable bWr = GenericUDFParamUtils.getBinaryValue(arguments, 1, converters); + if (bWr == null) { + return null; + } + key = bWr.getBytes(); + keyLength = bWr.getLength(); + } + secretKey = getSecretKey(key, keyLength); + } + + if (secretKey == null) { + return null; + } + + byte[] res = aesFunction(input, inputLength, secretKey); + + if (res == null) { + return null; + } + + output.set(res, 0, res.length); + return output; + } + + protected SecretKey getSecretKey(byte[] key, int keyLength) { + if (keyLength == 16 || keyLength == 32 || keyLength == 24) { + return new SecretKeySpec(key, 0, keyLength, "AES"); + } + return null; + } + + protected byte[] aesFunction(byte[] input, int inputLength, SecretKey secretKey) { + try { + cipher.init(getCipherMode(), secretKey); + byte[] res = cipher.doFinal(input, 0, inputLength); + return res; + } catch (GeneralSecurityException e) { + return null; + } + } + + abstract protected int getCipherMode(); + + abstract protected boolean canParam0BeStr(); + + @Override + public String getDisplayString(String[] children) { + return getStandardDisplayString(getFuncName(), children); + } +} http://git-wip-us.apache.org/repos/asf/hive/blob/f4acb44f/ql/src/java/org/apache/hadoop/hive/ql/udf/generic/GenericUDFAesDecrypt.java ---------------------------------------------------------------------- diff --git a/ql/src/java/org/apache/hadoop/hive/ql/udf/generic/GenericUDFAesDecrypt.java b/ql/src/java/org/apache/hadoop/hive/ql/udf/generic/GenericUDFAesDecrypt.java new file mode 100644 index 0000000..d83fd2d --- /dev/null +++ b/ql/src/java/org/apache/hadoop/hive/ql/udf/generic/GenericUDFAesDecrypt.java @@ -0,0 +1,50 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.hadoop.hive.ql.udf.generic; + +import javax.crypto.Cipher; + +import org.apache.hadoop.hive.ql.exec.Description; + +/** + * GenericUDFAesDecrypt. + * + */ +@Description(name = "aes_decrypt", value = "_FUNC_(input binary, key string/binary) - Decrypt input using AES.", + extended = "AES (Advanced Encryption Standard) algorithm. " + + "Key lengths of 128, 192 or 256 bits can be used. 192 and 256 bits keys can be used if " + + "Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files are installed. " + + "If either argument is NULL or the key length is not one of the permitted values, the return value is NULL.\n" + + "Example: > SELECT _FUNC_(unbase64('y6Ss+zCYObpCbgfWfyNWTw=='), '1234567890123456');\n 'ABC'") +public class GenericUDFAesDecrypt extends GenericUDFAesBase { + + @Override + protected int getCipherMode() { + return Cipher.DECRYPT_MODE; + } + + @Override + protected boolean canParam0BeStr() { + return false; + } + + @Override + protected String getFuncName() { + return "aes_decrypt"; + } +} http://git-wip-us.apache.org/repos/asf/hive/blob/f4acb44f/ql/src/java/org/apache/hadoop/hive/ql/udf/generic/GenericUDFAesEncrypt.java ---------------------------------------------------------------------- diff --git a/ql/src/java/org/apache/hadoop/hive/ql/udf/generic/GenericUDFAesEncrypt.java b/ql/src/java/org/apache/hadoop/hive/ql/udf/generic/GenericUDFAesEncrypt.java new file mode 100644 index 0000000..d916441 --- /dev/null +++ b/ql/src/java/org/apache/hadoop/hive/ql/udf/generic/GenericUDFAesEncrypt.java @@ -0,0 +1,50 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.hadoop.hive.ql.udf.generic; + +import javax.crypto.Cipher; + +import org.apache.hadoop.hive.ql.exec.Description; + +/** + * GenericUDFAesEncrypt. + * + */ +@Description(name = "aes_encrypt", value = "_FUNC_(input string/binary, key string/binary) - Encrypt input using AES.", + extended = "AES (Advanced Encryption Standard) algorithm. " + + "Key lengths of 128, 192 or 256 bits can be used. 192 and 256 bits keys can be used if " + + "Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files are installed. " + + "If either argument is NULL or the key length is not one of the permitted values, the return value is NULL.\n" + + "Example: > SELECT base64(_FUNC_('ABC', '1234567890123456'));\n 'y6Ss+zCYObpCbgfWfyNWTw=='") +public class GenericUDFAesEncrypt extends GenericUDFAesBase { + + @Override + protected int getCipherMode() { + return Cipher.ENCRYPT_MODE; + } + + @Override + protected boolean canParam0BeStr() { + return true; + } + + @Override + protected String getFuncName() { + return "aes_encrypt"; + } +} http://git-wip-us.apache.org/repos/asf/hive/blob/f4acb44f/ql/src/java/org/apache/hadoop/hive/ql/udf/generic/GenericUDFParamUtils.java ---------------------------------------------------------------------- diff --git a/ql/src/java/org/apache/hadoop/hive/ql/udf/generic/GenericUDFParamUtils.java b/ql/src/java/org/apache/hadoop/hive/ql/udf/generic/GenericUDFParamUtils.java index cdbc6ea..0e7eb8e 100644 --- a/ql/src/java/org/apache/hadoop/hive/ql/udf/generic/GenericUDFParamUtils.java +++ b/ql/src/java/org/apache/hadoop/hive/ql/udf/generic/GenericUDFParamUtils.java @@ -21,10 +21,11 @@ package org.apache.hadoop.hive.ql.udf.generic; import org.apache.hadoop.hive.ql.exec.UDFArgumentTypeException; import org.apache.hadoop.hive.ql.metadata.HiveException; import org.apache.hadoop.hive.ql.udf.generic.GenericUDF.DeferredObject; +import org.apache.hadoop.hive.serde2.objectinspector.ConstantObjectInspector; import org.apache.hadoop.hive.serde2.objectinspector.ObjectInspector; import org.apache.hadoop.hive.serde2.objectinspector.ObjectInspectorConverters; -import org.apache.hadoop.hive.serde2.objectinspector.PrimitiveObjectInspector; import org.apache.hadoop.hive.serde2.objectinspector.ObjectInspectorConverters.Converter; +import org.apache.hadoop.hive.serde2.objectinspector.PrimitiveObjectInspector; import org.apache.hadoop.hive.serde2.objectinspector.PrimitiveObjectInspector.PrimitiveCategory; import org.apache.hadoop.hive.serde2.objectinspector.primitive.PrimitiveObjectInspectorFactory; import org.apache.hadoop.io.BytesWritable; @@ -68,4 +69,9 @@ public class GenericUDFParamUtils { converters[i] = converter; inputTypes[i] = inputType; } + + public static BytesWritable getConstantBytesValue(ObjectInspector[] arguments, int i) { + Object constValue = ((ConstantObjectInspector) arguments[i]).getWritableConstantValue(); + return (BytesWritable) constValue; + } } http://git-wip-us.apache.org/repos/asf/hive/blob/f4acb44f/ql/src/test/org/apache/hadoop/hive/ql/udf/generic/TestGenericUDFAesDecrypt.java ---------------------------------------------------------------------- diff --git a/ql/src/test/org/apache/hadoop/hive/ql/udf/generic/TestGenericUDFAesDecrypt.java b/ql/src/test/org/apache/hadoop/hive/ql/udf/generic/TestGenericUDFAesDecrypt.java new file mode 100644 index 0000000..729f2fc --- /dev/null +++ b/ql/src/test/org/apache/hadoop/hive/ql/udf/generic/TestGenericUDFAesDecrypt.java @@ -0,0 +1,233 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.hadoop.hive.ql.udf.generic; + +import static org.junit.Assert.assertEquals; + +import java.security.NoSuchAlgorithmException; + +import javax.crypto.Cipher; + +import org.apache.commons.codec.binary.Base64; +import org.apache.commons.codec.binary.Hex; +import org.apache.hadoop.hive.ql.metadata.HiveException; +import org.apache.hadoop.hive.ql.udf.generic.GenericUDF.DeferredJavaObject; +import org.apache.hadoop.hive.ql.udf.generic.GenericUDF.DeferredObject; +import org.apache.hadoop.hive.serde2.objectinspector.ObjectInspector; +import org.apache.hadoop.hive.serde2.objectinspector.primitive.PrimitiveObjectInspectorFactory; +import org.apache.hadoop.hive.serde2.typeinfo.TypeInfoFactory; +import org.apache.hadoop.io.BytesWritable; +import org.apache.hadoop.io.Text; +import org.junit.Test; + +public class TestGenericUDFAesDecrypt { + + @Test + public void testAesDec128ConstStr() throws HiveException { + GenericUDFAesDecrypt udf = new GenericUDFAesDecrypt(); + ObjectInspector valueOI0 = PrimitiveObjectInspectorFactory.writableBinaryObjectInspector; + Text keyWr = new Text("1234567890123456"); + ObjectInspector valueOI1 = PrimitiveObjectInspectorFactory + .getPrimitiveWritableConstantObjectInspector(TypeInfoFactory.stringTypeInfo, keyWr); + ObjectInspector[] arguments = { valueOI0, valueOI1 }; + + udf.initialize(arguments); + + runAndVerifyStr("y6Ss+zCYObpCbgfWfyNWTw==", keyWr, "ABC", udf); + runAndVerifyStr("BQGHoM3lqYcsurCRq3PlUw==", keyWr, "", udf); + // null + runAndVerifyStr(null, keyWr, null, udf); + } + + @Test + public void testAesDec256ConstStr() throws HiveException, NoSuchAlgorithmException { + int maxKeyLen = Cipher.getMaxAllowedKeyLength("AES"); + // skip the test if Java Cryptography Extension (JCE) Unlimited Strength + // Jurisdiction Policy Files not installed + if (maxKeyLen < 256) { + return; + } + GenericUDFAesDecrypt udf = new GenericUDFAesDecrypt(); + ObjectInspector valueOI0 = PrimitiveObjectInspectorFactory.writableBinaryObjectInspector; + Text keyWr = new Text("1234567890123456" + "1234567890123456"); + ObjectInspector valueOI1 = PrimitiveObjectInspectorFactory + .getPrimitiveWritableConstantObjectInspector(TypeInfoFactory.stringTypeInfo, keyWr); + ObjectInspector[] arguments = { valueOI0, valueOI1 }; + + udf.initialize(arguments); + + runAndVerifyStr("nYfCuJeRd5eD60yXDw7WEA==", keyWr, "ABC", udf); + runAndVerifyStr("mVClVqZ6W4VF6b842FOgCA==", keyWr, "", udf); + // null + runAndVerifyStr(null, keyWr, null, udf); + } + + @Test + public void testAesDec128Str() throws HiveException { + GenericUDFAesDecrypt udf = new GenericUDFAesDecrypt(); + ObjectInspector valueOI0 = PrimitiveObjectInspectorFactory.writableBinaryObjectInspector; + ObjectInspector valueOI1 = PrimitiveObjectInspectorFactory.writableStringObjectInspector; + ObjectInspector[] arguments = { valueOI0, valueOI1 }; + + udf.initialize(arguments); + + Text keyWr = new Text("1234567890123456"); + runAndVerifyStr("y6Ss+zCYObpCbgfWfyNWTw==", keyWr, "ABC", udf); + runAndVerifyStr("BQGHoM3lqYcsurCRq3PlUw==", keyWr, "", udf); + // null + runAndVerifyStr(null, keyWr, null, udf); + } + + @Test + public void testAesDec128ConstBin() throws HiveException { + GenericUDFAesDecrypt udf = new GenericUDFAesDecrypt(); + ObjectInspector valueOI0 = PrimitiveObjectInspectorFactory.writableBinaryObjectInspector; + BytesWritable keyWr = new BytesWritable("1234567890123456".getBytes()); + ObjectInspector valueOI1 = PrimitiveObjectInspectorFactory + .getPrimitiveWritableConstantObjectInspector(TypeInfoFactory.binaryTypeInfo, keyWr); + ObjectInspector[] arguments = { valueOI0, valueOI1 }; + + udf.initialize(arguments); + + runAndVerifyBin("y6Ss+zCYObpCbgfWfyNWTw==", keyWr, "ABC", udf); + runAndVerifyBin("BQGHoM3lqYcsurCRq3PlUw==", keyWr, "", udf); + // null + runAndVerifyBin(null, keyWr, null, udf); + } + + @Test + public void testAesDec128Bin() throws HiveException { + GenericUDFAesDecrypt udf = new GenericUDFAesDecrypt(); + ObjectInspector valueOI0 = PrimitiveObjectInspectorFactory.writableBinaryObjectInspector; + ObjectInspector valueOI1 = PrimitiveObjectInspectorFactory.writableBinaryObjectInspector; + ObjectInspector[] arguments = { valueOI0, valueOI1 }; + + udf.initialize(arguments); + + BytesWritable keyWr = new BytesWritable("1234567890123456".getBytes()); + runAndVerifyBin("y6Ss+zCYObpCbgfWfyNWTw==", keyWr, "ABC", udf); + runAndVerifyBin("BQGHoM3lqYcsurCRq3PlUw==", keyWr, "", udf); + // null + runAndVerifyBin(null, keyWr, null, udf); + } + + @Test + public void testAesDec192Bin() throws HiveException, NoSuchAlgorithmException { + int maxKeyLen = Cipher.getMaxAllowedKeyLength("AES"); + // skip the test if Java Cryptography Extension (JCE) Unlimited Strength + // Jurisdiction Policy Files not installed + if (maxKeyLen < 192) { + return; + } + GenericUDFAesDecrypt udf = new GenericUDFAesDecrypt(); + ObjectInspector valueOI0 = PrimitiveObjectInspectorFactory.writableBinaryObjectInspector; + ObjectInspector valueOI1 = PrimitiveObjectInspectorFactory.writableBinaryObjectInspector; + ObjectInspector[] arguments = { valueOI0, valueOI1 }; + + udf.initialize(arguments); + + BytesWritable keyWr = new BytesWritable(("1234567890123456" + "12345678").getBytes()); + runAndVerifyBin("ucvvpP9r2/LfQ6BilQuFtA==", keyWr, "ABC", udf); + runAndVerifyBin("KqMT3cF6VwSISMaUVUB4Qw==", keyWr, "", udf); + // null + runAndVerifyBin(null, keyWr, null, udf); + } + + @Test + public void testAesDecKeyNullConstStr() throws HiveException { + GenericUDFAesDecrypt udf = new GenericUDFAesDecrypt(); + ObjectInspector valueOI0 = PrimitiveObjectInspectorFactory.writableBinaryObjectInspector; + Text keyWr = null; + ObjectInspector valueOI1 = PrimitiveObjectInspectorFactory + .getPrimitiveWritableConstantObjectInspector(TypeInfoFactory.stringTypeInfo, keyWr); + ObjectInspector[] arguments = { valueOI0, valueOI1 }; + + udf.initialize(arguments); + + runAndVerifyStr("y6Ss+zCYObpCbgfWfyNWTw==", keyWr, null, udf); + } + + @Test + public void testAesDecKeyNullStr() throws HiveException { + GenericUDFAesDecrypt udf = new GenericUDFAesDecrypt(); + ObjectInspector valueOI0 = PrimitiveObjectInspectorFactory.writableBinaryObjectInspector; + ObjectInspector valueOI1 = PrimitiveObjectInspectorFactory.writableStringObjectInspector; + ObjectInspector[] arguments = { valueOI0, valueOI1 }; + + udf.initialize(arguments); + + Text keyWr = null; + runAndVerifyStr("y6Ss+zCYObpCbgfWfyNWTw==", keyWr, null, udf); + } + + @Test + public void testAesDecKeyNullConstBin() throws HiveException { + GenericUDFAesDecrypt udf = new GenericUDFAesDecrypt(); + ObjectInspector valueOI0 = PrimitiveObjectInspectorFactory.writableBinaryObjectInspector; + BytesWritable keyWr = null; + ObjectInspector valueOI1 = PrimitiveObjectInspectorFactory + .getPrimitiveWritableConstantObjectInspector(TypeInfoFactory.binaryTypeInfo, keyWr); + ObjectInspector[] arguments = { valueOI0, valueOI1 }; + + udf.initialize(arguments); + + runAndVerifyBin("y6Ss+zCYObpCbgfWfyNWTw==", keyWr, null, udf); + } + + @Test + public void testAesDecKeyNullBin() throws HiveException { + GenericUDFAesDecrypt udf = new GenericUDFAesDecrypt(); + ObjectInspector valueOI0 = PrimitiveObjectInspectorFactory.writableBinaryObjectInspector; + ObjectInspector valueOI1 = PrimitiveObjectInspectorFactory.writableBinaryObjectInspector; + ObjectInspector[] arguments = { valueOI0, valueOI1 }; + + udf.initialize(arguments); + + BytesWritable keyWr = null; + runAndVerifyBin("y6Ss+zCYObpCbgfWfyNWTw==", keyWr, null, udf); + } + + private void runAndVerifyStr(String strBase64, Text keyWr, String expResult, GenericUDFAesDecrypt udf) + throws HiveException { + DeferredObject valueObj0 = new DeferredJavaObject( + strBase64 != null ? new BytesWritable(Base64.decodeBase64(strBase64)) : null); + DeferredObject valueObj1 = new DeferredJavaObject(keyWr); + DeferredObject[] args = { valueObj0, valueObj1 }; + BytesWritable output = (BytesWritable) udf.evaluate(args); + String expResultHex = expResult == null ? null : Hex.encodeHexString(expResult.getBytes()); + assertEquals("aes_decrypt() test ", expResultHex, output != null ? copyBytesAndHex(output) : null); + } + + private void runAndVerifyBin(String strBase64, BytesWritable keyWr, String expResult, GenericUDFAesDecrypt udf) + throws HiveException { + DeferredObject valueObj0 = new DeferredJavaObject( + strBase64 != null ? new BytesWritable(Base64.decodeBase64(strBase64)) : null); + DeferredObject valueObj1 = new DeferredJavaObject(keyWr); + DeferredObject[] args = { valueObj0, valueObj1 }; + BytesWritable output = (BytesWritable) udf.evaluate(args); + String expResultHex = expResult == null ? null : Hex.encodeHexString(expResult.getBytes()); + assertEquals("aes_decrypt() test ", expResultHex, output != null ? copyBytesAndHex(output) : null); + } + + private String copyBytesAndHex(BytesWritable bw) { + int size = bw.getLength(); + byte[] bytes = new byte[size]; + System.arraycopy(bw.getBytes(), 0, bytes, 0, size); + return Hex.encodeHexString(bytes); + } +} http://git-wip-us.apache.org/repos/asf/hive/blob/f4acb44f/ql/src/test/org/apache/hadoop/hive/ql/udf/generic/TestGenericUDFAesEncrypt.java ---------------------------------------------------------------------- diff --git a/ql/src/test/org/apache/hadoop/hive/ql/udf/generic/TestGenericUDFAesEncrypt.java b/ql/src/test/org/apache/hadoop/hive/ql/udf/generic/TestGenericUDFAesEncrypt.java new file mode 100644 index 0000000..5e5914d --- /dev/null +++ b/ql/src/test/org/apache/hadoop/hive/ql/udf/generic/TestGenericUDFAesEncrypt.java @@ -0,0 +1,228 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.hadoop.hive.ql.udf.generic; + +import static org.junit.Assert.assertEquals; + +import java.security.NoSuchAlgorithmException; + +import javax.crypto.Cipher; + +import org.apache.commons.codec.binary.Base64; +import org.apache.hadoop.hive.ql.metadata.HiveException; +import org.apache.hadoop.hive.ql.udf.generic.GenericUDF.DeferredJavaObject; +import org.apache.hadoop.hive.ql.udf.generic.GenericUDF.DeferredObject; +import org.apache.hadoop.hive.serde2.objectinspector.ObjectInspector; +import org.apache.hadoop.hive.serde2.objectinspector.primitive.PrimitiveObjectInspectorFactory; +import org.apache.hadoop.hive.serde2.typeinfo.TypeInfoFactory; +import org.apache.hadoop.io.BytesWritable; +import org.apache.hadoop.io.Text; +import org.junit.Test; + +public class TestGenericUDFAesEncrypt { + + @Test + public void testAesEnc128ConstStr() throws HiveException { + GenericUDFAesEncrypt udf = new GenericUDFAesEncrypt(); + ObjectInspector valueOI0 = PrimitiveObjectInspectorFactory.writableStringObjectInspector; + Text keyWr = new Text("1234567890123456"); + ObjectInspector valueOI1 = PrimitiveObjectInspectorFactory + .getPrimitiveWritableConstantObjectInspector(TypeInfoFactory.stringTypeInfo, keyWr); + ObjectInspector[] arguments = { valueOI0, valueOI1 }; + + udf.initialize(arguments); + + runAndVerifyStr("ABC", keyWr, "y6Ss+zCYObpCbgfWfyNWTw==", udf); + runAndVerifyStr("", keyWr, "BQGHoM3lqYcsurCRq3PlUw==", udf); + // null + runAndVerifyStr(null, keyWr, null, udf); + } + + @Test + public void testAesEnc256ConstStr() throws HiveException, NoSuchAlgorithmException { + int maxKeyLen = Cipher.getMaxAllowedKeyLength("AES"); + // skip the test if Java Cryptography Extension (JCE) Unlimited Strength + // Jurisdiction Policy Files not installed + if (maxKeyLen < 256) { + return; + } + GenericUDFAesEncrypt udf = new GenericUDFAesEncrypt(); + ObjectInspector valueOI0 = PrimitiveObjectInspectorFactory.writableStringObjectInspector; + Text keyWr = new Text("1234567890123456" + "1234567890123456"); + ObjectInspector valueOI1 = PrimitiveObjectInspectorFactory + .getPrimitiveWritableConstantObjectInspector(TypeInfoFactory.stringTypeInfo, keyWr); + ObjectInspector[] arguments = { valueOI0, valueOI1 }; + + udf.initialize(arguments); + + runAndVerifyStr("ABC", keyWr, "nYfCuJeRd5eD60yXDw7WEA==", udf); + runAndVerifyStr("", keyWr, "mVClVqZ6W4VF6b842FOgCA==", udf); + // null + runAndVerifyStr(null, keyWr, null, udf); + } + + @Test + public void testAesEnc128Str() throws HiveException { + GenericUDFAesEncrypt udf = new GenericUDFAesEncrypt(); + ObjectInspector valueOI0 = PrimitiveObjectInspectorFactory.writableStringObjectInspector; + ObjectInspector valueOI1 = PrimitiveObjectInspectorFactory.writableStringObjectInspector; + ObjectInspector[] arguments = { valueOI0, valueOI1 }; + + udf.initialize(arguments); + + Text keyWr = new Text("1234567890123456"); + runAndVerifyStr("ABC", keyWr, "y6Ss+zCYObpCbgfWfyNWTw==", udf); + runAndVerifyStr("", keyWr, "BQGHoM3lqYcsurCRq3PlUw==", udf); + // null + runAndVerifyStr(null, keyWr, null, udf); + } + + @Test + public void testAesEnc128ConstBin() throws HiveException { + GenericUDFAesEncrypt udf = new GenericUDFAesEncrypt(); + ObjectInspector valueOI0 = PrimitiveObjectInspectorFactory.writableBinaryObjectInspector; + BytesWritable keyWr = new BytesWritable("1234567890123456".getBytes()); + ObjectInspector valueOI1 = PrimitiveObjectInspectorFactory + .getPrimitiveWritableConstantObjectInspector(TypeInfoFactory.binaryTypeInfo, keyWr); + ObjectInspector[] arguments = { valueOI0, valueOI1 }; + + udf.initialize(arguments); + + runAndVerifyBin(new byte[] { 65, 66, 67 }, keyWr, "y6Ss+zCYObpCbgfWfyNWTw==", udf); + runAndVerifyBin(new byte[0], keyWr, "BQGHoM3lqYcsurCRq3PlUw==", udf); + // null + runAndVerifyBin(null, keyWr, null, udf); + } + + @Test + public void testAesEnc128Bin() throws HiveException { + GenericUDFAesEncrypt udf = new GenericUDFAesEncrypt(); + ObjectInspector valueOI0 = PrimitiveObjectInspectorFactory.writableBinaryObjectInspector; + ObjectInspector valueOI1 = PrimitiveObjectInspectorFactory.writableBinaryObjectInspector; + ObjectInspector[] arguments = { valueOI0, valueOI1 }; + + udf.initialize(arguments); + + BytesWritable keyWr = new BytesWritable("1234567890123456".getBytes()); + runAndVerifyBin(new byte[] { 65, 66, 67 }, keyWr, "y6Ss+zCYObpCbgfWfyNWTw==", udf); + runAndVerifyBin(new byte[0], keyWr, "BQGHoM3lqYcsurCRq3PlUw==", udf); + // null + runAndVerifyBin(null, keyWr, null, udf); + } + + @Test + public void testAesEnc192Bin() throws HiveException, NoSuchAlgorithmException { + int maxKeyLen = Cipher.getMaxAllowedKeyLength("AES"); + // skip the test if Java Cryptography Extension (JCE) Unlimited Strength + // Jurisdiction Policy Files not installed + if (maxKeyLen < 192) { + return; + } + GenericUDFAesEncrypt udf = new GenericUDFAesEncrypt(); + ObjectInspector valueOI0 = PrimitiveObjectInspectorFactory.writableBinaryObjectInspector; + ObjectInspector valueOI1 = PrimitiveObjectInspectorFactory.writableBinaryObjectInspector; + ObjectInspector[] arguments = { valueOI0, valueOI1 }; + + udf.initialize(arguments); + + BytesWritable keyWr = new BytesWritable(("1234567890123456" + "12345678").getBytes()); + runAndVerifyBin(new byte[] { 65, 66, 67 }, keyWr, "ucvvpP9r2/LfQ6BilQuFtA==", udf); + runAndVerifyBin(new byte[0], keyWr, "KqMT3cF6VwSISMaUVUB4Qw==", udf); + // null + runAndVerifyBin(null, keyWr, null, udf); + } + + @Test + public void testAesEncKeyNullConstStr() throws HiveException { + GenericUDFAesEncrypt udf = new GenericUDFAesEncrypt(); + ObjectInspector valueOI0 = PrimitiveObjectInspectorFactory.writableStringObjectInspector; + Text keyWr = null; + ObjectInspector valueOI1 = PrimitiveObjectInspectorFactory + .getPrimitiveWritableConstantObjectInspector(TypeInfoFactory.stringTypeInfo, keyWr); + ObjectInspector[] arguments = { valueOI0, valueOI1 }; + + udf.initialize(arguments); + + runAndVerifyStr("ABC", keyWr, null, udf); + } + + @Test + public void testAesEncKeyNullStr() throws HiveException { + GenericUDFAesEncrypt udf = new GenericUDFAesEncrypt(); + ObjectInspector valueOI0 = PrimitiveObjectInspectorFactory.writableStringObjectInspector; + ObjectInspector valueOI1 = PrimitiveObjectInspectorFactory.writableStringObjectInspector; + ObjectInspector[] arguments = { valueOI0, valueOI1 }; + + udf.initialize(arguments); + + Text keyWr = null; + runAndVerifyStr("ABC", keyWr, null, udf); + } + + @Test + public void testAesEncKeyNullConstBin() throws HiveException { + GenericUDFAesEncrypt udf = new GenericUDFAesEncrypt(); + ObjectInspector valueOI0 = PrimitiveObjectInspectorFactory.writableBinaryObjectInspector; + BytesWritable keyWr = null; + ObjectInspector valueOI1 = PrimitiveObjectInspectorFactory + .getPrimitiveWritableConstantObjectInspector(TypeInfoFactory.binaryTypeInfo, keyWr); + ObjectInspector[] arguments = { valueOI0, valueOI1 }; + + udf.initialize(arguments); + + runAndVerifyBin(new byte[] { 65, 66, 67 }, keyWr, null, udf); + } + + @Test + public void testAesEncKeyNullBin() throws HiveException { + GenericUDFAesEncrypt udf = new GenericUDFAesEncrypt(); + ObjectInspector valueOI0 = PrimitiveObjectInspectorFactory.writableBinaryObjectInspector; + ObjectInspector valueOI1 = PrimitiveObjectInspectorFactory.writableBinaryObjectInspector; + ObjectInspector[] arguments = { valueOI0, valueOI1 }; + + udf.initialize(arguments); + + BytesWritable keyWr = null; + runAndVerifyBin(new byte[] { 65, 66, 67 }, keyWr, null, udf); + } + + private void runAndVerifyStr(String str, Text keyWr, String expResultBase64, GenericUDFAesEncrypt udf) + throws HiveException { + DeferredObject valueObj0 = new DeferredJavaObject(str != null ? new Text(str) : null); + DeferredObject valueObj1 = new DeferredJavaObject(keyWr); + DeferredObject[] args = { valueObj0, valueObj1 }; + BytesWritable output = (BytesWritable) udf.evaluate(args); + assertEquals("aes_encrypt() test ", expResultBase64, output != null ? copyBytesAndBase64(output) : null); + } + + private void runAndVerifyBin(byte[] b, BytesWritable keyWr, String expResultBase64, GenericUDFAesEncrypt udf) + throws HiveException { + DeferredObject valueObj0 = new DeferredJavaObject(b != null ? new BytesWritable(b) : null); + DeferredObject valueObj1 = new DeferredJavaObject(keyWr); + DeferredObject[] args = { valueObj0, valueObj1 }; + BytesWritable output = (BytesWritable) udf.evaluate(args); + assertEquals("aes_encrypt() test ", expResultBase64, output != null ? copyBytesAndBase64(output) : null); + } + + private String copyBytesAndBase64(BytesWritable bw) { + int size = bw.getLength(); + byte[] bytes = new byte[size]; + System.arraycopy(bw.getBytes(), 0, bytes, 0, size); + return new String(Base64.encodeBase64(bytes)); + } +} http://git-wip-us.apache.org/repos/asf/hive/blob/f4acb44f/ql/src/test/queries/clientpositive/udf_aes_decrypt.q ---------------------------------------------------------------------- diff --git a/ql/src/test/queries/clientpositive/udf_aes_decrypt.q b/ql/src/test/queries/clientpositive/udf_aes_decrypt.q new file mode 100644 index 0000000..36a0cf9 --- /dev/null +++ b/ql/src/test/queries/clientpositive/udf_aes_decrypt.q @@ -0,0 +1,21 @@ +DESCRIBE FUNCTION aes_decrypt; +DESC FUNCTION EXTENDED aes_decrypt; + +explain select aes_decrypt(unbase64("y6Ss+zCYObpCbgfWfyNWTw=="), '1234567890123456'); + +select +aes_decrypt(unbase64("y6Ss+zCYObpCbgfWfyNWTw=="), '1234567890123456'), +aes_decrypt(unbase64("y6Ss+zCYObpCbgfWfyNWTw=="), binary('1234567890123456')), +aes_decrypt(unbase64("BQGHoM3lqYcsurCRq3PlUw=="), '1234567890123456') = binary(''), +aes_decrypt(unbase64("BQGHoM3lqYcsurCRq3PlUw=="), binary('1234567890123456')) = binary(''), +aes_decrypt(cast(null as binary), '1234567890123456'), +aes_decrypt(cast(null as binary), binary('1234567890123456')); + +--bad key +select +aes_decrypt(unbase64("y6Ss+zCYObpCbgfWfyNWTw=="), '12345678901234567'), +aes_decrypt(unbase64("y6Ss+zCYObpCbgfWfyNWTw=="), binary('123456789012345')), +aes_decrypt(unbase64("y6Ss+zCYObpCbgfWfyNWTw=="), ''), +aes_decrypt(unbase64("y6Ss+zCYObpCbgfWfyNWTw=="), binary('')), +aes_decrypt(unbase64("y6Ss+zCYObpCbgfWfyNWTw=="), cast(null as string)), +aes_decrypt(unbase64("y6Ss+zCYObpCbgfWfyNWTw=="), cast(null as binary)); \ No newline at end of file http://git-wip-us.apache.org/repos/asf/hive/blob/f4acb44f/ql/src/test/queries/clientpositive/udf_aes_encrypt.q ---------------------------------------------------------------------- diff --git a/ql/src/test/queries/clientpositive/udf_aes_encrypt.q b/ql/src/test/queries/clientpositive/udf_aes_encrypt.q new file mode 100644 index 0000000..2f03943 --- /dev/null +++ b/ql/src/test/queries/clientpositive/udf_aes_encrypt.q @@ -0,0 +1,21 @@ +DESCRIBE FUNCTION aes_encrypt; +DESC FUNCTION EXTENDED aes_encrypt; + +explain select aes_encrypt('ABC', '1234567890123456'); + +select +base64(aes_encrypt('ABC', '1234567890123456')), +base64(aes_encrypt('', '1234567890123456')), +base64(aes_encrypt(binary('ABC'), binary('1234567890123456'))), +base64(aes_encrypt(binary(''), binary('1234567890123456'))), +aes_encrypt(cast(null as string), '1234567890123456'), +aes_encrypt(cast(null as binary), binary('1234567890123456')); + +--bad key +select +aes_encrypt('ABC', '12345678901234567'), +aes_encrypt(binary('ABC'), binary('123456789012345')), +aes_encrypt('ABC', ''), +aes_encrypt(binary('ABC'), binary('')), +aes_encrypt('ABC', cast(null as string)), +aes_encrypt(binary('ABC'), cast(null as binary)); \ No newline at end of file http://git-wip-us.apache.org/repos/asf/hive/blob/f4acb44f/ql/src/test/results/clientpositive/show_functions.q.out ---------------------------------------------------------------------- diff --git a/ql/src/test/results/clientpositive/show_functions.q.out b/ql/src/test/results/clientpositive/show_functions.q.out index 540079b..fbcd86a 100644 --- a/ql/src/test/results/clientpositive/show_functions.q.out +++ b/ql/src/test/results/clientpositive/show_functions.q.out @@ -22,6 +22,8 @@ POSTHOOK: type: SHOWFUNCTIONS abs acos add_months +aes_decrypt +aes_encrypt and array array_contains http://git-wip-us.apache.org/repos/asf/hive/blob/f4acb44f/ql/src/test/results/clientpositive/udf_aes_decrypt.q.out ---------------------------------------------------------------------- diff --git a/ql/src/test/results/clientpositive/udf_aes_decrypt.q.out b/ql/src/test/results/clientpositive/udf_aes_decrypt.q.out new file mode 100644 index 0000000..83780a9 --- /dev/null +++ b/ql/src/test/results/clientpositive/udf_aes_decrypt.q.out @@ -0,0 +1,79 @@ +PREHOOK: query: DESCRIBE FUNCTION aes_decrypt +PREHOOK: type: DESCFUNCTION +POSTHOOK: query: DESCRIBE FUNCTION aes_decrypt +POSTHOOK: type: DESCFUNCTION +aes_decrypt(input binary, key string/binary) - Decrypt input using AES. +PREHOOK: query: DESC FUNCTION EXTENDED aes_decrypt +PREHOOK: type: DESCFUNCTION +POSTHOOK: query: DESC FUNCTION EXTENDED aes_decrypt +POSTHOOK: type: DESCFUNCTION +aes_decrypt(input binary, key string/binary) - Decrypt input using AES. +AES (Advanced Encryption Standard) algorithm. Key lengths of 128, 192 or 256 bits can be used. 192 and 256 bits keys can be used if Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files are installed. If either argument is NULL or the key length is not one of the permitted values, the return value is NULL. +Example: > SELECT aes_decrypt(unbase64('y6Ss+zCYObpCbgfWfyNWTw=='), '1234567890123456'); + 'ABC' +PREHOOK: query: explain select aes_decrypt(unbase64("y6Ss+zCYObpCbgfWfyNWTw=="), '1234567890123456') +PREHOOK: type: QUERY +POSTHOOK: query: explain select aes_decrypt(unbase64("y6Ss+zCYObpCbgfWfyNWTw=="), '1234567890123456') +POSTHOOK: type: QUERY +STAGE DEPENDENCIES: + Stage-0 is a root stage + +STAGE PLANS: + Stage: Stage-0 + Fetch Operator + limit: -1 + Processor Tree: + TableScan + alias: _dummy_table + Row Limit Per Split: 1 + Statistics: Num rows: 1 Data size: 1 Basic stats: COMPLETE Column stats: COMPLETE + Select Operator + expressions: 414243 (type: binary) + outputColumnNames: _col0 + Statistics: Num rows: 1 Data size: 48 Basic stats: COMPLETE Column stats: COMPLETE + ListSink + +PREHOOK: query: select +aes_decrypt(unbase64("y6Ss+zCYObpCbgfWfyNWTw=="), '1234567890123456'), +aes_decrypt(unbase64("y6Ss+zCYObpCbgfWfyNWTw=="), binary('1234567890123456')), +aes_decrypt(unbase64("BQGHoM3lqYcsurCRq3PlUw=="), '1234567890123456') = binary(''), +aes_decrypt(unbase64("BQGHoM3lqYcsurCRq3PlUw=="), binary('1234567890123456')) = binary(''), +aes_decrypt(cast(null as binary), '1234567890123456'), +aes_decrypt(cast(null as binary), binary('1234567890123456')) +PREHOOK: type: QUERY +PREHOOK: Input: _dummy_database@_dummy_table +#### A masked pattern was here #### +POSTHOOK: query: select +aes_decrypt(unbase64("y6Ss+zCYObpCbgfWfyNWTw=="), '1234567890123456'), +aes_decrypt(unbase64("y6Ss+zCYObpCbgfWfyNWTw=="), binary('1234567890123456')), +aes_decrypt(unbase64("BQGHoM3lqYcsurCRq3PlUw=="), '1234567890123456') = binary(''), +aes_decrypt(unbase64("BQGHoM3lqYcsurCRq3PlUw=="), binary('1234567890123456')) = binary(''), +aes_decrypt(cast(null as binary), '1234567890123456'), +aes_decrypt(cast(null as binary), binary('1234567890123456')) +POSTHOOK: type: QUERY +POSTHOOK: Input: _dummy_database@_dummy_table +#### A masked pattern was here #### +ABC ABC true true NULL NULL +PREHOOK: query: --bad key +select +aes_decrypt(unbase64("y6Ss+zCYObpCbgfWfyNWTw=="), '12345678901234567'), +aes_decrypt(unbase64("y6Ss+zCYObpCbgfWfyNWTw=="), binary('123456789012345')), +aes_decrypt(unbase64("y6Ss+zCYObpCbgfWfyNWTw=="), ''), +aes_decrypt(unbase64("y6Ss+zCYObpCbgfWfyNWTw=="), binary('')), +aes_decrypt(unbase64("y6Ss+zCYObpCbgfWfyNWTw=="), cast(null as string)), +aes_decrypt(unbase64("y6Ss+zCYObpCbgfWfyNWTw=="), cast(null as binary)) +PREHOOK: type: QUERY +PREHOOK: Input: _dummy_database@_dummy_table +#### A masked pattern was here #### +POSTHOOK: query: --bad key +select +aes_decrypt(unbase64("y6Ss+zCYObpCbgfWfyNWTw=="), '12345678901234567'), +aes_decrypt(unbase64("y6Ss+zCYObpCbgfWfyNWTw=="), binary('123456789012345')), +aes_decrypt(unbase64("y6Ss+zCYObpCbgfWfyNWTw=="), ''), +aes_decrypt(unbase64("y6Ss+zCYObpCbgfWfyNWTw=="), binary('')), +aes_decrypt(unbase64("y6Ss+zCYObpCbgfWfyNWTw=="), cast(null as string)), +aes_decrypt(unbase64("y6Ss+zCYObpCbgfWfyNWTw=="), cast(null as binary)) +POSTHOOK: type: QUERY +POSTHOOK: Input: _dummy_database@_dummy_table +#### A masked pattern was here #### +NULL NULL NULL NULL NULL NULL http://git-wip-us.apache.org/repos/asf/hive/blob/f4acb44f/ql/src/test/results/clientpositive/udf_aes_encrypt.q.out ---------------------------------------------------------------------- diff --git a/ql/src/test/results/clientpositive/udf_aes_encrypt.q.out b/ql/src/test/results/clientpositive/udf_aes_encrypt.q.out new file mode 100644 index 0000000..9e356b2 --- /dev/null +++ b/ql/src/test/results/clientpositive/udf_aes_encrypt.q.out @@ -0,0 +1,79 @@ +PREHOOK: query: DESCRIBE FUNCTION aes_encrypt +PREHOOK: type: DESCFUNCTION +POSTHOOK: query: DESCRIBE FUNCTION aes_encrypt +POSTHOOK: type: DESCFUNCTION +aes_encrypt(input string/binary, key string/binary) - Encrypt input using AES. +PREHOOK: query: DESC FUNCTION EXTENDED aes_encrypt +PREHOOK: type: DESCFUNCTION +POSTHOOK: query: DESC FUNCTION EXTENDED aes_encrypt +POSTHOOK: type: DESCFUNCTION +aes_encrypt(input string/binary, key string/binary) - Encrypt input using AES. +AES (Advanced Encryption Standard) algorithm. Key lengths of 128, 192 or 256 bits can be used. 192 and 256 bits keys can be used if Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files are installed. If either argument is NULL or the key length is not one of the permitted values, the return value is NULL. +Example: > SELECT base64(aes_encrypt('ABC', '1234567890123456')); + 'y6Ss+zCYObpCbgfWfyNWTw==' +PREHOOK: query: explain select aes_encrypt('ABC', '1234567890123456') +PREHOOK: type: QUERY +POSTHOOK: query: explain select aes_encrypt('ABC', '1234567890123456') +POSTHOOK: type: QUERY +STAGE DEPENDENCIES: + Stage-0 is a root stage + +STAGE PLANS: + Stage: Stage-0 + Fetch Operator + limit: -1 + Processor Tree: + TableScan + alias: _dummy_table + Row Limit Per Split: 1 + Statistics: Num rows: 1 Data size: 1 Basic stats: COMPLETE Column stats: COMPLETE + Select Operator + expressions: CBA4ACFB309839BA426E07D67F23564F (type: binary) + outputColumnNames: _col0 + Statistics: Num rows: 1 Data size: 56 Basic stats: COMPLETE Column stats: COMPLETE + ListSink + +PREHOOK: query: select +base64(aes_encrypt('ABC', '1234567890123456')), +base64(aes_encrypt('', '1234567890123456')), +base64(aes_encrypt(binary('ABC'), binary('1234567890123456'))), +base64(aes_encrypt(binary(''), binary('1234567890123456'))), +aes_encrypt(cast(null as string), '1234567890123456'), +aes_encrypt(cast(null as binary), binary('1234567890123456')) +PREHOOK: type: QUERY +PREHOOK: Input: _dummy_database@_dummy_table +#### A masked pattern was here #### +POSTHOOK: query: select +base64(aes_encrypt('ABC', '1234567890123456')), +base64(aes_encrypt('', '1234567890123456')), +base64(aes_encrypt(binary('ABC'), binary('1234567890123456'))), +base64(aes_encrypt(binary(''), binary('1234567890123456'))), +aes_encrypt(cast(null as string), '1234567890123456'), +aes_encrypt(cast(null as binary), binary('1234567890123456')) +POSTHOOK: type: QUERY +POSTHOOK: Input: _dummy_database@_dummy_table +#### A masked pattern was here #### +y6Ss+zCYObpCbgfWfyNWTw== BQGHoM3lqYcsurCRq3PlUw== y6Ss+zCYObpCbgfWfyNWTw== BQGHoM3lqYcsurCRq3PlUw== NULL NULL +PREHOOK: query: --bad key +select +aes_encrypt('ABC', '12345678901234567'), +aes_encrypt(binary('ABC'), binary('123456789012345')), +aes_encrypt('ABC', ''), +aes_encrypt(binary('ABC'), binary('')), +aes_encrypt('ABC', cast(null as string)), +aes_encrypt(binary('ABC'), cast(null as binary)) +PREHOOK: type: QUERY +PREHOOK: Input: _dummy_database@_dummy_table +#### A masked pattern was here #### +POSTHOOK: query: --bad key +select +aes_encrypt('ABC', '12345678901234567'), +aes_encrypt(binary('ABC'), binary('123456789012345')), +aes_encrypt('ABC', ''), +aes_encrypt(binary('ABC'), binary('')), +aes_encrypt('ABC', cast(null as string)), +aes_encrypt(binary('ABC'), cast(null as binary)) +POSTHOOK: type: QUERY +POSTHOOK: Input: _dummy_database@_dummy_table +#### A masked pattern was here #### +NULL NULL NULL NULL NULL NULL