Github user xwq commented on a diff in the pull request:
https://github.com/apache/incubator-trafodion/pull/839#discussion_r88674056
--- Diff: core/sql/exp/exp_function.cpp ---
@@ -8235,5 +8249,165 @@ ex_expr::exp_return_type ExFunctionIsIP::eval(char
* op_data[],
}
}
+ex_expr::exp_return_type ExFunctionAESEncrypt::eval(char * op_data[],
+ CollHeap
*heap,
+ ComDiagsArea
**diagsArea)
+{
+ CharInfo::CharSet cs = ((SimpleType *)getOperand(0))->getCharSet();
+ Attributes *tgt = getOperand(0);
+
+ Lng32 source_len = getOperand(1)->getLength(op_data[-MAX_OPERANDS + 1]);
+ char * source = op_data[1];
+
+ Lng32 key_len = getOperand(2)->getLength(op_data[-MAX_OPERANDS + 2]);
+ unsigned char * key = (unsigned char *)op_data[2];
+
+ unsigned char * result = (unsigned char *)op_data[0];
+
+ unsigned char rkey[EVP_MAX_KEY_LENGTH];
+ int u_len, f_len;
+ EVP_CIPHER_CTX ctx;
+ const EVP_CIPHER * cipher = aes_algorithm_type[aes_mode];
+
+ int iv_len_need = EVP_CIPHER_iv_length(cipher);
+
+ unsigned char * iv = NULL;
+ if (iv_len_need) {
+ if (args_num == 3) {
+ Lng32 iv_len_input = getOperand(3)->getLength(op_data[-MAX_OPERANDS
+ 3]);
+ if (iv_len_input == 0 || iv_len_input < iv_len_need) {
+ // the length of iv is too short
+ ExRaiseSqlError(heap, diagsArea, EXE_AES_INVALID_IV);
+ *(*diagsArea) << DgInt0(iv_len_input) << DgInt1(iv_len_need);
+ return ex_expr::EXPR_ERROR;
+ }
+ iv = (unsigned char *)op_data[3];
+ }
+ else {
+ // it does not have iv argument, but the algorithm need iv
+ ExRaiseSqlError(heap, diagsArea,EXE_ERR_PARAMCOUNT_FOR_FUNC);
+ *(*diagsArea) << DgString0("AES_ENCRYPT");
+ return ex_expr::EXPR_ERROR;
+ }
+ }
+ else {
+ if (args_num == 3) {
+ // the algorithm doesn't need iv, give a warning
+ ExRaiseSqlWarning(heap, diagsArea, EXE_OPTION_IGNORED);
+ *(*diagsArea) << DgString0("IV");
+ }
+ }
+
+ aes_create_key(key, key_len, rkey, aes_mode);
+
+ if (!EVP_EncryptInit(&ctx, cipher, (const unsigned char*)rkey, iv))
+ goto aes_encrypt_error;
+
+ if (!EVP_CIPHER_CTX_set_padding(&ctx, true))
+ goto aes_encrypt_error;
+
+ if (!EVP_EncryptUpdate(&ctx, result, &u_len, (const unsigned char
*)source, source_len))
+ goto aes_encrypt_error;
+
+ if (!EVP_EncryptFinal(&ctx, result + u_len, &f_len))
+ goto aes_encrypt_error;
+
+ if (!EVP_CIPHER_CTX_cleanup(&ctx))
+ goto aes_encrypt_error;
--- End diff --
You are right. It don't need check the return value of
EVP_CIPHER_CTX_cleanup, I will fix it.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---
