[
https://issues.apache.org/jira/browse/DRILL-5634?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16085572#comment-16085572
]
ASF GitHub Bot commented on DRILL-5634:
---------------------------------------
Github user arina-ielchiieva commented on a diff in the pull request:
https://github.com/apache/drill/pull/865#discussion_r127192939
--- Diff:
exec/java-exec/src/main/java/org/apache/drill/exec/expr/fn/impl/CryptoFunctions.java
---
@@ -0,0 +1,389 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to you under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.drill.exec.expr.fn.impl;
+
+import io.netty.buffer.DrillBuf;
+import org.apache.drill.exec.expr.DrillSimpleFunc;
+import org.apache.drill.exec.expr.annotations.FunctionTemplate;
+import org.apache.drill.exec.expr.annotations.Output;
+import org.apache.drill.exec.expr.annotations.Param;
+import org.apache.drill.exec.expr.annotations.Workspace;
+import org.apache.drill.exec.expr.holders.VarCharHolder;
+
+import javax.crypto.Cipher;
+import javax.crypto.spec.SecretKeySpec;
+import javax.inject.Inject;
+
+public class CryptoFunctions {
+ static final org.slf4j.Logger logger =
org.slf4j.LoggerFactory.getLogger(CryptoFunctions.class);
+
+ private CryptoFunctions() {
+ }
+
+ /**
+ * This class returns the md2 digest of a given input string.
+ * Usage is SELECT md2( <input string> ) FROM ...
+ */
+
+ @FunctionTemplate(name = "md2", scope =
FunctionTemplate.FunctionScope.SIMPLE, nulls =
FunctionTemplate.NullHandling.NULL_IF_NULL)
+ public static class MD2Function implements DrillSimpleFunc {
+
+ @Param
+ VarCharHolder rawInput;
+
+ @Output
+ VarCharHolder out;
+
+ @Inject
+ DrillBuf buffer;
+
+ @Override
+ public void setup() {
+ }
+
+ @Override
+ public void eval() {
+
+ String input =
org.apache.drill.exec.expr.fn.impl.StringFunctionHelpers.toStringFromUTF8(rawInput.start,
rawInput.end, rawInput.buffer);
+ String outputString =
org.apache.commons.codec.digest.DigestUtils.md2Hex(input).toLowerCase();
+
+ out.buffer = buffer;
+ out.start = 0;
+ out.end = outputString.getBytes().length;
+ buffer.setBytes(0, outputString.getBytes());
+ }
+
+ }
+
+ /**
+ * This function returns the MD5 digest of a given input string.
+ * Usage is shown below:
+ * select md5( 'testing' ) from (VALUES(1));
+ */
+
+ @FunctionTemplate(name = "md5", scope =
FunctionTemplate.FunctionScope.SIMPLE, nulls =
FunctionTemplate.NullHandling.NULL_IF_NULL)
+ public static class MD5Function implements DrillSimpleFunc {
+
+ @Param
+ VarCharHolder rawInput;
+
+ @Output
+ VarCharHolder out;
+
+ @Inject
+ DrillBuf buffer;
+
+ @Override
+ public void setup() {
+ }
+
+ @Override
+ public void eval() {
+
+ String input =
org.apache.drill.exec.expr.fn.impl.StringFunctionHelpers.toStringFromUTF8(rawInput.start,
rawInput.end, rawInput.buffer);
+ String outputString =
org.apache.commons.codec.digest.DigestUtils.md5Hex(input).toLowerCase();
+
+ out.buffer = buffer;
+ out.start = 0;
+ out.end = outputString.getBytes().length;
+ buffer.setBytes(0, outputString.getBytes());
+ }
+
+ }
+
+ /**
+ * sha(<text>) / sha1(<text>): Calculates an SHA-1 160-bit checksum for
the string, as described in RFC 3174 (Secure Hash Algorithm).
+ * (https://en.wikipedia.org/wiki/SHA-1) The value is returned as a
string of 40 hexadecimal digits, or NULL if the argument was NULL.
+ * Note that sha() and sha1() are aliases for the same function.
+ *
+ * > select sha1( 'testing' ) from (VALUES(1));
+ */
+
+ @FunctionTemplate(names = {"sha", "sha1"}, scope =
FunctionTemplate.FunctionScope.SIMPLE, nulls =
FunctionTemplate.NullHandling.NULL_IF_NULL)
+ public static class SHA1Function implements DrillSimpleFunc {
+
+ @Param
+ VarCharHolder rawInput;
+
+ @Output
+ VarCharHolder out;
+
+ @Inject
+ DrillBuf buffer;
+
+ @Override
+ public void setup() {
+
+ }
+
+ @Override
+ public void eval() {
+
+ String input =
org.apache.drill.exec.expr.fn.impl.StringFunctionHelpers.toStringFromUTF8(rawInput.start,
rawInput.end, rawInput.buffer);
+
+ String sha1 =
org.apache.commons.codec.digest.DigestUtils.sha1Hex(input);
+
+ out.buffer = buffer;
+ out.start = 0;
+ out.end = sha1.getBytes().length;
+ buffer.setBytes(0, sha1.getBytes());
+ }
+
+ }
+
+ /**
+ * sha2(<text>) / sha256(<text>): Calculates an SHA-2 256-bit checksum
for the string. The value is returned as a string of hexadecimal digits,
+ * or NULL if the argument was NULL. Note that sha2() and sha256() are
aliases for the same function.
+ * > select sha2( 'testing' ) from (VALUES(1));
+ */
+
+ @FunctionTemplate(names = {"sha256", "sha2"}, scope =
FunctionTemplate.FunctionScope.SIMPLE, nulls =
FunctionTemplate.NullHandling.NULL_IF_NULL)
+ public static class SHA256Function implements DrillSimpleFunc {
+
+ @Param
+ VarCharHolder rawInput;
+
+ @Output
+ VarCharHolder out;
+
+ @Inject
+ DrillBuf buffer;
+
+
+ @Override
+ public void setup() {
+
+ }
+
+ @Override
+ public void eval() {
+
+ String input =
org.apache.drill.exec.expr.fn.impl.StringFunctionHelpers.toStringFromUTF8(rawInput.start,
rawInput.end, rawInput.buffer);
+
+ String sha2 =
org.apache.commons.codec.digest.DigestUtils.sha256Hex(input);
+
+ out.buffer = buffer;
+ out.start = 0;
+ out.end = sha2.getBytes().length;
+ buffer.setBytes(0, sha2.getBytes());
+ }
+
+ }
+
+ /**
+ * This function returns the SHA384 digest of a given input string.
+ * Usage is shown below:
+ * select sha384( 'testing' ) from (VALUES(1));
+ */
+
+ @FunctionTemplate(name = "sha384", scope =
FunctionTemplate.FunctionScope.SIMPLE, nulls =
FunctionTemplate.NullHandling.NULL_IF_NULL)
+ public static class SHA384Function implements DrillSimpleFunc {
+
+ @Param
+ VarCharHolder rawInput;
+
+ @Output
+ VarCharHolder out;
+
+ @Inject
+ DrillBuf buffer;
+
+ @Override
+ public void setup() {
+
+ }
+
+ @Override
+ public void eval() {
+
+ String input =
org.apache.drill.exec.expr.fn.impl.StringFunctionHelpers.toStringFromUTF8(rawInput.start,
rawInput.end, rawInput.buffer);
+
+ String sha384 =
org.apache.commons.codec.digest.DigestUtils.sha384Hex(input);
+
+ out.buffer = buffer;
+ out.start = 0;
+ out.end = sha384.getBytes().length;
+ buffer.setBytes(0, sha384.getBytes());
+ }
+
+ }
+
+ /**
+ * This function returns the SHA512 digest of a given input string.
+ * Usage is shown below:
+ * select sha512( 'testing' ) from (VALUES(1));
+ */
+
+
+ @FunctionTemplate(name = "sha512", scope =
FunctionTemplate.FunctionScope.SIMPLE, nulls =
FunctionTemplate.NullHandling.NULL_IF_NULL)
+ public static class SHA512Function implements DrillSimpleFunc {
+
+ @Param
+ VarCharHolder rawInput;
+
+ @Output
+ VarCharHolder out;
+
+ @Inject
+ DrillBuf buffer;
+
+ @Override
+ public void setup() {
+
+ }
+
+ @Override
+ public void eval() {
+
+ String input =
org.apache.drill.exec.expr.fn.impl.StringFunctionHelpers.toStringFromUTF8(rawInput.start,
rawInput.end, rawInput.buffer);
+
+ String sha512 =
org.apache.commons.codec.digest.DigestUtils.sha512Hex(input);
+
+ out.buffer = buffer;
+ out.start = 0;
+ out.end = sha512.getBytes().length;
+ buffer.setBytes(0, sha512.getBytes());
+ }
+
+ }
+
+ /**
+ * aes_encrypt()/ aes_decrypt(): implement encryption and decryption of
data using the official AES (Advanced Encryption Standard) algorithm,
+ * previously known as “Rijndael.” AES_ENCRYPT() encrypts the string str
using the key string key_str and returns a
+ * binary string containing the encrypted output.
+ * Usage: SELECT aes_encrypt( 'encrypted_text', 'my_secret_key' ) AS
aes FROM (VALUES(1));
+ */
+
+
+ @FunctionTemplate(name = "aes_encrypt", scope =
FunctionTemplate.FunctionScope.SIMPLE, nulls =
FunctionTemplate.NullHandling.NULL_IF_NULL)
+ public static class AESEncryptFunction implements DrillSimpleFunc {
+
+ @Param
+ VarCharHolder rawInput;
+
+ @Param
+ VarCharHolder rawKey;
+
+ @Output
+ VarCharHolder out;
+
+ @Inject
+ DrillBuf buffer;
+
+ @Workspace
+ Cipher cipher;
+
+ @Override
+ public void setup() {
+ String key =
org.apache.drill.exec.expr.fn.impl.StringFunctionHelpers.toStringFromUTF8(rawKey.start,
rawKey.end, rawKey.buffer);
+ java.security.MessageDigest sha = null;
+ try {
+ byte[] keyByteArray = key.getBytes("UTF-8");
+ sha = java.security.MessageDigest.getInstance("SHA-1");
+ keyByteArray = sha.digest(keyByteArray);
+ keyByteArray = java.util.Arrays.copyOf(keyByteArray, 16);
+ SecretKeySpec secretKey = new SecretKeySpec(keyByteArray, "AES");
--- End diff --
We don't need to use fully qualified class name when variable is declared
in class (like for `Cipher`, import will be added automatically). For
`SecretKeySpec` we need to use fully qualified class name since it's declared
internally in method: `javax.crypto.spec.SecretKeySpec secretKey = new
javax.crypto.spec.SecretKeySpec(keyByteArray, "AES");`
For example, Drill will create `ProjectorGen0` where it will add variables
declared in class (thus imports will be added automatically). Also it will copy
content of `setup` and `eval` methods, in this case imports won't be added
automatically. We might need to enhance this mechanism so all imports UDFs
class are added and user won't required to use fully qualified class names. The
same problem be with `logger`.
Actually, I have run `TestCryptoFunctions` on your branch and
`testAESEncrypt()` and `testAESDecrypt()` fail.
First with ` java.lang.Exception:
org.apache.drill.common.exceptions.UserRemoteException: SYSTEM ERROR:
CompileException: Line 55, Column 32: Cannot determine simple type name
"SecretKeySpec"` and when I have fixed this problem with `Caused By
(org.codehaus.commons.compiler.CompileException) Line 61, Column 16: Unknown
variable or type "logger"`.
Note: it's a good practice (I even would say a requirement) to make sure
that all unit test pass before publishing changes in Drill.
> Add Crypto and Hash Functions
> -----------------------------
>
> Key: DRILL-5634
> URL: https://issues.apache.org/jira/browse/DRILL-5634
> Project: Apache Drill
> Issue Type: New Feature
> Components: Functions - Drill
> Affects Versions: 1.10.0
> Reporter: Charles Givre
> Labels: doc-impacting
> Fix For: 1.11.0
>
>
> This library contains a collection of cryptography-related functions for
> Apache Drill. It generally mirrors the crypto functions in MySQL. The
> package includes:
> * **`aes_encrypt()`/ `aes_decrypt()`**: implement encryption and decryption
> of data using the official AES (Advanced Encryption Standard) algorithm,
> previously known as “Rijndael.”
> `AES_ENCRYPT()` encrypts the string `str` using the key string `key_str` and
> returns a binary string containing the encrypted output. `AES_DECRYPT()`
> decrypts the encrypted string `crypt_str` using the key string `key_str` and
> returns the original cleartext string. If either function argument is NULL,
> the function returns NULL.
> ```sql
> > SELECT aes_encrypt( 'encrypted_text', 'my_secret_key' ) AS aes FROM
> > (VALUES(1));
> +---------------------------+
> | aes |
> +---------------------------+
> | JkcBUNAn8ByKWCcVmNrKMA== |
> +---------------------------+
> > SELECT aes_encrypt( 'encrypted_text', 'my_secret_key' ) AS encrypted,
> aes_decrypt(aes_encrypt( 'encrypted_text', 'my_secret_key'
> ),'my_secret_key') AS decrypted
> FROM (VALUES(1));
> +---------------------------+-----------------+
> | encrypted | decrypted |
> +---------------------------+-----------------+
> | JkcBUNAn8ByKWCcVmNrKMA== | encrypted_text |
> +---------------------------+-----------------+
> ```
> * **`md5(<text>)`**: Returns the md5 hash of the text.
> (https://en.wikipedia.org/wiki/MD5)
> Usage:
> ```sql
> > select md5( 'testing' ) from (VALUES(1));
> +-----------------------------------+
> | EXPR$0 |
> +-----------------------------------+
> | ae2b1fca515949e5d54fb22b8ed95575 |
> +-----------------------------------+
> ```
> * **`sha(<text>`) / `sha1(<text>)`**: Calculates an SHA-1 160-bit checksum
> for the string, as described in RFC 3174 (Secure Hash Algorithm).
> (https://en.wikipedia.org/wiki/SHA-1) The value is returned as a string of
> 40 hexadecimal digits, or NULL if the argument was NULL. Note that `sha()`
> and `sha1()` are aliases for the same function.
> ```sql
> > select sha1( 'testing' ) from (VALUES(1));
> +-------------------------------------------+
> | EXPR$0 |
> +-------------------------------------------+
> | dc724af18fbdd4e59189f5fe768a5f8311527050 |
> +-------------------------------------------+
> ```
> * **`sha2(<text>`) / `sha256(<text>)`**: Calculates an SHA-2 256-bit checksum
> for the string. (https://en.wikipedia.org/wiki/SHA-2) The value is returned
> as a string of hexadecimal digits, or NULL if the argument was NULL. Note
> that `sha2()` and `sha256()` are aliases for the same function.
> ```sql
> > select sha2( 'testing' ) from (VALUES(1));
> +-------------------------------------------------------------------+
> | EXPR$0 |
> +-------------------------------------------------------------------+
> | cf80cd8aed482d5d1527d7dc72fceff84e6326592848447d2dc0b0e87dfc9a90 |
> +-------------------------------------------------------------------+
> ```
> Additionally, there are also `sha384(<text>)` and `sha512(<text>)` functions
> which return SHA-2 hashes with 384 and 512 bit checksums.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
