Revert "IMPALA-6219: Use AES-GCM for spill-to-disk encryption"

This reverts commit 9b68645f9eb9e08899fda860e0946cc05f205479.

Change-Id: Ia06f061a4ecedd1df0d359fe06fe84618b5e07fb
Reviewed-on: http://gerrit.cloudera.org:8080/9226
Reviewed-by: Sailesh Mukil <sail...@cloudera.com>
Tested-by: Impala Public Jenkins


Project: http://git-wip-us.apache.org/repos/asf/impala/repo
Commit: http://git-wip-us.apache.org/repos/asf/impala/commit/31f38687
Tree: http://git-wip-us.apache.org/repos/asf/impala/tree/31f38687
Diff: http://git-wip-us.apache.org/repos/asf/impala/diff/31f38687

Branch: refs/heads/2.x
Commit: 31f38687fa5ab010247e88c2055e00cbeb70712d
Parents: 2037222
Author: Alex Behm <alex.b...@cloudera.com>
Authored: Tue Feb 6 11:50:51 2018 -0800
Committer: Impala Public Jenkins <impala-public-jenk...@gerrit.cloudera.org>
Committed: Thu Feb 8 07:01:53 2018 +0000

----------------------------------------------------------------------
 be/src/runtime/tmp-file-mgr.cc   | 15 ++----
 be/src/util/cpu-info.cc          | 13 +++--
 be/src/util/cpu-info.h           | 13 +++--
 be/src/util/openssl-util-test.cc | 95 +++++++++++-----------------------
 be/src/util/openssl-util.cc      | 96 +++--------------------------------
 be/src/util/openssl-util.h       | 70 ++++++++-----------------
 6 files changed, 74 insertions(+), 228 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/impala/blob/31f38687/be/src/runtime/tmp-file-mgr.cc
----------------------------------------------------------------------
diff --git a/be/src/runtime/tmp-file-mgr.cc b/be/src/runtime/tmp-file-mgr.cc
index 3807670..d35d302 100644
--- a/be/src/runtime/tmp-file-mgr.cc
+++ b/be/src/runtime/tmp-file-mgr.cc
@@ -612,26 +612,19 @@ void TmpFileMgr::WriteHandle::WaitForWrite() {
 Status TmpFileMgr::WriteHandle::EncryptAndHash(MemRange buffer) {
   DCHECK(FLAGS_disk_spill_encryption);
   SCOPED_TIMER(encryption_timer_);
-  // Since we're using GCM/CTR/CFB mode, we must take care not to reuse a
+  // Since we're using AES-CTR/AES-CFB mode, we must take care not to reuse a
   // key/IV pair. Regenerate a new key and IV for every data buffer we write.
   key_.InitializeRandom();
   RETURN_IF_ERROR(key_.Encrypt(buffer.data(), buffer.len(), buffer.data()));
-
-  if (!key_.IsGcmMode()) {
-    hash_.Compute(buffer.data(), buffer.len());
-  }
+  hash_.Compute(buffer.data(), buffer.len());
   return Status::OK();
 }
 
 Status TmpFileMgr::WriteHandle::CheckHashAndDecrypt(MemRange buffer) {
   DCHECK(FLAGS_disk_spill_encryption);
   SCOPED_TIMER(encryption_timer_);
-
-  // GCM mode will verify the integrity by itself
-  if (!key_.IsGcmMode()) {
-    if (!hash_.Verify(buffer.data(), buffer.len())) {
-      return Status("Block verification failure");
-    }
+  if (!hash_.Verify(buffer.data(), buffer.len())) {
+    return Status("Block verification failure");
   }
   return key_.Decrypt(buffer.data(), buffer.len(), buffer.data());
 }

http://git-wip-us.apache.org/repos/asf/impala/blob/31f38687/be/src/util/cpu-info.cc
----------------------------------------------------------------------
diff --git a/be/src/util/cpu-info.cc b/be/src/util/cpu-info.cc
index 1e3fcde..a32571e 100644
--- a/be/src/util/cpu-info.cc
+++ b/be/src/util/cpu-info.cc
@@ -85,13 +85,12 @@ static struct {
   int64_t flag;
 } flag_mappings[] =
 {
-  { "ssse3",     CpuInfo::SSSE3 },
-  { "sse4_1",    CpuInfo::SSE4_1 },
-  { "sse4_2",    CpuInfo::SSE4_2 },
-  { "popcnt",    CpuInfo::POPCNT },
-  { "avx",       CpuInfo::AVX },
-  { "avx2",      CpuInfo::AVX2 },
-  { "pclmuldqd", CpuInfo::PCLMULQDQ }
+  { "ssse3",  CpuInfo::SSSE3 },
+  { "sse4_1", CpuInfo::SSE4_1 },
+  { "sse4_2", CpuInfo::SSE4_2 },
+  { "popcnt", CpuInfo::POPCNT },
+  { "avx",    CpuInfo::AVX },
+  { "avx2",   CpuInfo::AVX2 },
 };
 static const long num_flags = sizeof(flag_mappings) / sizeof(flag_mappings[0]);
 

http://git-wip-us.apache.org/repos/asf/impala/blob/31f38687/be/src/util/cpu-info.h
----------------------------------------------------------------------
diff --git a/be/src/util/cpu-info.h b/be/src/util/cpu-info.h
index e60babc..38d6782 100644
--- a/be/src/util/cpu-info.h
+++ b/be/src/util/cpu-info.h
@@ -34,13 +34,12 @@ namespace impala {
 /// /sys/devices)
 class CpuInfo {
  public:
-  static const int64_t SSSE3     = (1 << 1);
-  static const int64_t SSE4_1    = (1 << 2);
-  static const int64_t SSE4_2    = (1 << 3);
-  static const int64_t POPCNT    = (1 << 4);
-  static const int64_t AVX       = (1 << 5);
-  static const int64_t AVX2      = (1 << 6);
-  static const int64_t PCLMULQDQ = (1 << 7);
+  static const int64_t SSSE3   = (1 << 1);
+  static const int64_t SSE4_1  = (1 << 2);
+  static const int64_t SSE4_2  = (1 << 3);
+  static const int64_t POPCNT  = (1 << 4);
+  static const int64_t AVX     = (1 << 5);
+  static const int64_t AVX2    = (1 << 6);
 
   /// Cache enums for L1 (data), L2 and L3
   enum CacheLevel {

http://git-wip-us.apache.org/repos/asf/impala/blob/31f38687/be/src/util/openssl-util-test.cc
----------------------------------------------------------------------
diff --git a/be/src/util/openssl-util-test.cc b/be/src/util/openssl-util-test.cc
index 76f65a5..8d98b0d 100644
--- a/be/src/util/openssl-util-test.cc
+++ b/be/src/util/openssl-util-test.cc
@@ -44,41 +44,6 @@ class OpenSSLUtilTest : public ::testing::Test {
     }
   }
 
-  /// Fill arbitrary-length buffer with random bytes
-  void GenerateRandomBytes(uint8_t* data, int64_t len) {
-    DCHECK_GE(len, 0);
-    for (int64_t i = 0; i < len; i++) {
-      data[i] = uniform_int_distribution<uint8_t>(0, UINT8_MAX)(rng_);
-    }
-  }
-
-  void TestEncryptionDecryption(const int64_t buffer_size) {
-    vector<uint8_t> original(buffer_size);
-    vector<uint8_t> scratch(buffer_size); // Scratch buffer for in-place 
encryption.
-    if (buffer_size % 8 == 0) {
-      GenerateRandomData(original.data(), buffer_size);
-    } else {
-      GenerateRandomBytes(original.data(), buffer_size);
-    }
-
-    // Check all the modes
-    AES_CIPHER_MODE modes[] = {AES_256_GCM, AES_256_CTR, AES_256_CFB};
-    for (auto m : modes) {
-      memcpy(scratch.data(), original.data(), buffer_size);
-
-      EncryptionKey key;
-      key.InitializeRandom();
-      key.SetCipherMode(m);
-
-      ASSERT_OK(key.Encrypt(scratch.data(), buffer_size, scratch.data()));
-      // Check that encryption did something
-      ASSERT_NE(0, memcmp(original.data(), scratch.data(), buffer_size));
-      ASSERT_OK(key.Decrypt(scratch.data(), buffer_size, scratch.data()));
-      // Check that we get the original data back.
-      ASSERT_EQ(0, memcmp(original.data(), scratch.data(), buffer_size));
-    }
-  }
-
   mt19937_64 rng_;
 };
 
@@ -92,7 +57,7 @@ TEST_F(OpenSSLUtilTest, Encryption) {
   GenerateRandomData(original.data(), buffer_size);
 
   // Check both CTR & CFB
-  AES_CIPHER_MODE modes[] = {AES_256_GCM, AES_256_CTR, AES_256_CFB};
+  AES_CIPHER_MODE modes[] = {AES_256_CTR, AES_256_CFB};
   for (auto m : modes) {
     // Iterate multiple times to ensure that key regeneration works correctly.
     EncryptionKey key;
@@ -120,42 +85,44 @@ TEST_F(OpenSSLUtilTest, Encryption) {
 /// Test that encryption and decryption work in-place.
 TEST_F(OpenSSLUtilTest, EncryptInPlace) {
   const int buffer_size = 1024 * 1024;
-  TestEncryptionDecryption(buffer_size);
+  vector<uint8_t> original(buffer_size);
+  vector<uint8_t> scratch(buffer_size); // Scratch buffer for in-place 
encryption.
+
+  EncryptionKey key;
+  // Check both CTR & CFB
+  AES_CIPHER_MODE modes[] = {AES_256_CTR, AES_256_CFB};
+  for (auto m : modes) {
+    GenerateRandomData(original.data(), buffer_size);
+    memcpy(scratch.data(), original.data(), buffer_size);
+
+    key.InitializeRandom();
+    key.SetCipherMode(m);
+
+    ASSERT_OK(key.Encrypt(scratch.data(), buffer_size, scratch.data()));
+    // Check that encryption did something
+    ASSERT_NE(0, memcmp(original.data(), scratch.data(), buffer_size));
+    ASSERT_OK(key.Decrypt(scratch.data(), buffer_size, scratch.data()));
+    // Check that we get the original data back.
+    ASSERT_EQ(0, memcmp(original.data(), scratch.data(), buffer_size));
+  }
 }
 
 /// Test that encryption works with buffer lengths that don't fit in a 32-bit 
integer.
 TEST_F(OpenSSLUtilTest, EncryptInPlaceHugeBuffer) {
   const int64_t buffer_size = 3 * 1024L * 1024L * 1024L;
-  TestEncryptionDecryption(buffer_size);
-}
-
-/// Test that encryption works with arbitrary-length buffer
-TEST_F(OpenSSLUtilTest, EncryptArbitraryLength) {
-  std::uniform_int_distribution<uint64_t> dis(0, 1024 * 1024);
-  const int buffer_size = dis(rng_);
-  TestEncryptionDecryption(buffer_size);
-}
-
-/// Test integrity in GCM mode
-TEST_F(OpenSSLUtilTest, GcmIntegrity) {
-  const int buffer_size = 1024 * 1024;
-  vector<uint8_t> buffer(buffer_size);
+  vector<uint8_t> original(buffer_size);
+  vector<uint8_t> scratch(buffer_size); // Scratch buffer for in-place 
encryption.
+  GenerateRandomData(original.data(), buffer_size);
+  memcpy(scratch.data(), original.data(), buffer_size);
 
   EncryptionKey key;
   key.InitializeRandom();
-  key.SetCipherMode(AES_256_GCM);
-
-  // Even it has been set as GCM mode, it may fall back to other modes.
-  // Check if GCM mode is supported at runtime.
-  if (key.IsGcmMode()) {
-    GenerateRandomData(buffer.data(), buffer_size);
-    ASSERT_OK(key.Encrypt(buffer.data(), buffer_size, buffer.data()));
-
-    // tamper the data
-    ++buffer[0];
-    Status s = key.Decrypt(buffer.data(), buffer_size, buffer.data());
-    EXPECT_STR_CONTAINS(s.GetDetail(), "EVP_DecryptFinal");
-  }
+  ASSERT_OK(key.Encrypt(scratch.data(), buffer_size, scratch.data()));
+  // Check that encryption did something
+  ASSERT_NE(0, memcmp(original.data(), scratch.data(), buffer_size));
+  ASSERT_OK(key.Decrypt(scratch.data(), buffer_size, scratch.data()));
+  // Check that we get the original data back.
+  ASSERT_EQ(0, memcmp(original.data(), scratch.data(), buffer_size));
 }
 
 /// Test basic integrity hash functionality.

http://git-wip-us.apache.org/repos/asf/impala/blob/31f38687/be/src/util/openssl-util.cc
----------------------------------------------------------------------
diff --git a/be/src/util/openssl-util.cc b/be/src/util/openssl-util.cc
index ffb47eb..69dc676 100644
--- a/be/src/util/openssl-util.cc
+++ b/be/src/util/openssl-util.cc
@@ -20,7 +20,6 @@
 #include <limits.h>
 #include <sstream>
 
-#include <glog/logging.h>
 #include <openssl/err.h>
 #include <openssl/evp.h>
 #include <openssl/rand.h>
@@ -31,7 +30,6 @@
 #include "gutil/strings/substitute.h"
 
 #include "common/names.h"
-#include "cpu-info.h"
 
 DECLARE_string(ssl_client_ca_certificate);
 DECLARE_string(ssl_server_certificate);
@@ -109,20 +107,19 @@ void EncryptionKey::InitializeRandom() {
   }
   RAND_bytes(key_, sizeof(key_));
   RAND_bytes(iv_, sizeof(iv_));
-  memset(gcm_tag_, 0, sizeof(gcm_tag_));
   initialized_ = true;
 }
 
-Status EncryptionKey::Encrypt(const uint8_t* data, int64_t len, uint8_t* out) {
+Status EncryptionKey::Encrypt(const uint8_t* data, int64_t len, uint8_t* out) 
const {
   return EncryptInternal(true, data, len, out);
 }
 
-Status EncryptionKey::Decrypt(const uint8_t* data, int64_t len, uint8_t* out) {
+Status EncryptionKey::Decrypt(const uint8_t* data, int64_t len, uint8_t* out) 
const {
   return EncryptInternal(false, data, len, out);
 }
 
 Status EncryptionKey::EncryptInternal(
-    bool encrypt, const uint8_t* data, int64_t len, uint8_t* out) {
+    bool encrypt, const uint8_t* data, int64_t len, uint8_t* out) const {
   DCHECK(initialized_);
   DCHECK_GE(len, 0);
   // Create and initialize the context for encryption
@@ -130,10 +127,6 @@ Status EncryptionKey::EncryptInternal(
   EVP_CIPHER_CTX_init(&ctx);
   EVP_CIPHER_CTX_set_padding(&ctx, 0);
 
-  if (IsGcmMode()) {
-    EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_GCM_SET_IVLEN, AES_BLOCK_SIZE, NULL);
-  }
-
   // Start encryption/decryption.  We use a 256-bit AES key, and the cipher 
block mode
   // is either CTR or CFB(stream cipher), both of which support arbitrary 
length
   // ciphertexts - it doesn't have to be a multiple of 16 bytes. Additionally, 
CTR
@@ -164,11 +157,6 @@ Status EncryptionKey::EncryptInternal(
     offset += in_len;
   }
 
-  if (IsGcmMode() && !encrypt) {
-    // Set expected tag value
-    EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_GCM_SET_TAG, AES_BLOCK_SIZE, gcm_tag_);
-  }
-
   // Finalize encryption or decryption.
   int final_out_len;
   success = encrypt ? EVP_EncryptFinal_ex(&ctx, out + offset, &final_out_len) :
@@ -176,93 +164,21 @@ Status EncryptionKey::EncryptInternal(
   if (success != 1) {
     return OpenSSLErr(encrypt ? "EVP_EncryptFinal" : "EVP_DecryptFinal");
   }
-
-  if (IsGcmMode() && encrypt) {
-    EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_GCM_GET_TAG, AES_BLOCK_SIZE, gcm_tag_);
-  }
-
-  // Again safe due to GCM/CTR/CFB with no padding
+  // Again safe due to CTR/CFB with no padding
   DCHECK_EQ(final_out_len, 0);
   return Status::OK();
 }
 
-/// OpenSSL 1.0.1d
-#define OPENSSL_VERSION_1_0_1D 0x1000104fL
-
-/// If not defined at compile time, define them manually
-/// see: openssl/evp.h
-#ifndef EVP_CIPH_GCM_MODE
-#define EVP_CTRL_GCM_SET_IVLEN 0x9
-#define EVP_CTRL_GCM_GET_TAG 0x10
-#define EVP_CTRL_GCM_SET_TAG 0x11
-#endif
-
 extern "C" {
 ATTRIBUTE_WEAK
 const EVP_CIPHER* EVP_aes_256_ctr();
-
-ATTRIBUTE_WEAK
-const EVP_CIPHER* EVP_aes_256_gcm();
 }
 
 const EVP_CIPHER* EncryptionKey::GetCipher() const {
   // use weak symbol to avoid compiling error on OpenSSL 1.0.0 environment
-  if (mode_ == AES_256_CTR) return EVP_aes_256_ctr();
-  if (mode_ == AES_256_GCM) return EVP_aes_256_gcm();
+  if (mode_ == AES_256_CTR && EVP_aes_256_ctr) return EVP_aes_256_ctr();
 
+  // otherwise, fallback to CFB mode
   return EVP_aes_256_cfb();
 }
-
-void EncryptionKey::SetCipherMode(AES_CIPHER_MODE m) {
-  mode_ = m;
-
-  if (!IsModeSupported(m)) {
-    mode_ = GetSupportedDefaultMode();
-    LOG(WARNING) << Substitute("$0 is not supported, fall back to $1.",
-        ModeToString(m), ModeToString(mode_));
-  }
-}
-
-bool EncryptionKey::IsModeSupported(AES_CIPHER_MODE m) const {
-  switch (m) {
-    case AES_256_GCM:
-      // It becomes a bit tricky for GCM mode, because GCM mode is enabled 
since
-      // OpenSSL 1.0.1, but the tag validation only works since 1.0.1d. We have
-      // to make sure that OpenSSL version >= 1.0.1d for GCM. So we need
-      // SSLeay(). Note that SSLeay() may return the compiling version on
-      // certain platforms if it was built against an older version(see:
-      // IMPALA-6418). In this case, it will return false, and EncryptionKey
-      // will try to fall back to CTR mode, so it is not ideal but is OK to use
-      // SSLeay() for GCM mode here since in the worst case, we will be using
-      // AES_256_CTR in a system that supports AES_256_GCM.
-      return (CpuInfo::IsSupported(CpuInfo::PCLMULQDQ)
-          && SSLeay() >= OPENSSL_VERSION_1_0_1D && EVP_aes_256_gcm);
-
-    case AES_256_CTR:
-      // If TLS1.2 is supported, then we're on a verison of OpenSSL that
-      // supports AES-256-CTR.
-      return (MaxSupportedTlsVersion() >= TLS1_2_VERSION && EVP_aes_256_ctr);
-
-    case AES_256_CFB:
-      return true;
-
-    default:
-      return false;
-  }
-}
-
-AES_CIPHER_MODE EncryptionKey::GetSupportedDefaultMode() const {
-  if (IsModeSupported(AES_256_GCM)) return AES_256_GCM;
-  if (IsModeSupported(AES_256_CTR)) return AES_256_CTR;
-  return AES_256_CFB;
-}
-
-const string EncryptionKey::ModeToString(AES_CIPHER_MODE m) const {
-  switch(m) {
-    case AES_256_GCM: return "AES-GCM";
-    case AES_256_CTR: return "AES-CTR";
-    case AES_256_CFB: return "AES-CFB";
-  }
-  return "Unknown mode";
-}
 }

http://git-wip-us.apache.org/repos/asf/impala/blob/31f38687/be/src/util/openssl-util.h
----------------------------------------------------------------------
diff --git a/be/src/util/openssl-util.h b/be/src/util/openssl-util.h
index ef53425..7b1b28e 100644
--- a/be/src/util/openssl-util.h
+++ b/be/src/util/openssl-util.h
@@ -60,9 +60,9 @@ bool IsExternalTlsConfigured();
 void SeedOpenSSLRNG();
 
 enum AES_CIPHER_MODE {
-  AES_256_CFB,
   AES_256_CTR,
-  AES_256_GCM
+  AES_256_CFB,
+  AES_256_GCM // not supported now.
 };
 
 /// The hash of a data buffer used for checking integrity. A SHA256 hash is 
used
@@ -83,56 +83,43 @@ class IntegrityHash {
 /// The key and initialization vector (IV) required to encrypt and decrypt a 
buffer of
 /// data. This should be regenerated for each buffer of data.
 ///
-/// We use AES with a 256-bit key and GCM/CTR/CFB cipher block mode, which 
gives us a
-/// stream cipher that can support arbitrary-length ciphertexts. The mode is 
chosen
-/// depends on the OpenSSL version & the hardware support at runtime. The IV 
is used as
+/// We use AES with a 256-bit key and CTR/CFB cipher block mode, which gives 
us a stream
+/// cipher that can support arbitrary-length ciphertexts. If OpenSSL version 
at runtime
+/// is 1.0.1 or above, CTR mode is used, otherwise CFB mode is used. The IV is 
used as
 /// an input to the cipher as the "block to supply before the first block of 
plaintext".
 /// This is required because all ciphers (except the weak ECB) are built such 
that each
 /// block depends on the output from the previous block. Since the first block 
doesn't
 /// have a previous block, we supply this IV. Think of it  as starting off the 
chain of
 /// encryption.
-///
-/// Notes for GCM:
-/// (1) GCM mode was supported since OpenSSL 1.0.1, however the tag 
verification
-/// in decryption was only supported since OpenSSL 1.0.1d.
-/// (2) The plaintext and the Additional Authenticated Data(AAD) are the two
-/// categories of data that GCM protects. GCM protects the authenticity of the
-/// plaintext and the AAD, and GCM also protects the confidentiality of the
-/// plaintext. The AAD itself is not required or won't change the security.
-/// In our case(Spill to Disk), we just ignore the AAD.
-
 class EncryptionKey {
  public:
-  EncryptionKey() : initialized_(false) { mode_ = GetSupportedDefaultMode(); }
-
-  /// Initializes a key for temporary use with randomly generated data, and 
clears the
-  /// tag for GCM mode. Reinitializes with new random values if the key was 
already
-  /// initialized. We use AES-GCM/AES-CTR/AES-CFB mode so key/IV pairs should 
not be
-  /// reused. This function automatically reseeds the RNG periodically, so 
callers do
-  /// not need to do it.
+  EncryptionKey() : initialized_(false) {
+    // If TLS1.2 is supported, then we're on a verison of OpenSSL that supports
+    // AES-256-CTR.
+    mode_ = MaxSupportedTlsVersion() < TLS1_2_VERSION ? AES_256_CFB : 
AES_256_CTR;
+  }
+
+  /// Initialize a key for temporary use with randomly generated data. 
Reinitializes with
+  /// new random values if the key was already initialized. We use 
AES-CTR/AES-CFB mode
+  /// so key/IV pairs should not be reused. This function automatically 
reseeds the RNG
+  /// periodically, so callers do not need to do it.
   void InitializeRandom();
 
   /// Encrypts a buffer of input data 'data' of length 'len' into an output 
buffer 'out'.
   /// Exactly 'len' bytes will be written to 'out'. This key must be 
initialized before
   /// calling. Operates in-place if 'in' == 'out', otherwise the buffers must 
not overlap.
-  /// For GCM mode, the hash tag will be kept inside(gcm_tag_ variable).
-  Status Encrypt(const uint8_t* data, int64_t len, uint8_t* out) 
WARN_UNUSED_RESULT;
+  Status Encrypt(const uint8_t* data, int64_t len, uint8_t* out) const 
WARN_UNUSED_RESULT;
 
   /// Decrypts a buffer of input data 'data' of length 'len' that was 
encrypted with this
   /// key into an output buffer 'out'. Exactly 'len' bytes will be written to 
'out'.
   /// This key must be initialized before calling. Operates in-place if 'in' 
== 'out',
-  /// otherwise the buffers must not overlap. For GCM mode, the hash tag, 
which is
-  /// computed during encryption, will be used for intgerity verification.
-  Status Decrypt(const uint8_t* data, int64_t len, uint8_t* out) 
WARN_UNUSED_RESULT;
+  /// otherwise the buffers must not overlap.
+  Status Decrypt(const uint8_t* data, int64_t len, uint8_t* out) const 
WARN_UNUSED_RESULT;
 
   /// Specify a cipher mode. Currently used only for testing but maybe in 
future we
   /// can provide a configuration option for the end user who can choose a 
preferred
   /// mode(GCM, CTR, CFB...) based on their software/hardware environment.
-  /// If not supported, fall back to the supported mode at runtime.
-  void SetCipherMode(AES_CIPHER_MODE m);
-
-  /// If is GCM mode at runtime
-  bool IsGcmMode() const { return mode_ == AES_256_GCM; }
+  void SetCipherMode(AES_CIPHER_MODE m) { mode_ = m; }
 
  private:
   /// Helper method that encrypts/decrypts if 'encrypt' is true/false 
respectively.
@@ -141,25 +128,13 @@ class EncryptionKey {
   /// This key must be initialized before calling. Operates in-place if 'in' 
== 'out',
   /// otherwise the buffers must not overlap.
   Status EncryptInternal(bool encrypt, const uint8_t* data, int64_t len,
-      uint8_t* out) WARN_UNUSED_RESULT;
-
-  /// Check if mode m is supported at runtime
-  bool IsModeSupported(AES_CIPHER_MODE m) const;
-
-  /// Returns the a default mode which is supported at runtime. If GCM mode
-  /// is supported, return AES_256_GCM as the default. If GCM is not supported,
-  /// but CTR is still supported, return AES_256_CTR. When both GCM and
-  /// CTR modes are not supported, return AES_256_CFB.
-  AES_CIPHER_MODE GetSupportedDefaultMode() const;
-
-  /// Converts mode type to string.
-  const string ModeToString(AES_CIPHER_MODE m) const;
+      uint8_t* out) const WARN_UNUSED_RESULT;
 
   /// Track whether this key has been initialized, to avoid accidentally using
   /// uninitialized keys.
   bool initialized_;
 
-  /// Returns a EVP_CIPHER according to cipher mode at runtime
+  /// return a EVP_CIPHER according to cipher mode at runtime
   const EVP_CIPHER* GetCipher() const;
 
   /// An AES 256-bit key.
@@ -168,9 +143,6 @@ class EncryptionKey {
   /// An initialization vector to feed as the first block to AES.
   uint8_t iv_[AES_BLOCK_SIZE];
 
-  /// Tag for GCM mode
-  uint8_t gcm_tag_[AES_BLOCK_SIZE];
-
   /// Cipher Mode
   AES_CIPHER_MODE mode_;
 };

Reply via email to