zxf216 commented on issue #1183:
URL: https://github.com/apache/orc/issues/1183#issuecomment-1970503084
Solution @wgtmac
**In the method DecryptionInputStream::seek, update the value of IV.**
```
void DecryptionInputStream::seek(PositionProvider& position) {
changeIv(position.current());
input_->seek(position);
}
```
**The changeIv method is defined as follows.**
```
void DecryptionInputStream::changeIv(long offset) {
int blockSize = EVP_CIPHER_key_length(cipher);
long encryptionBlocks = offset / blockSize;
long extra = offset % blockSize;
std::fill(iv_.end() - 8, iv_.end(), 0);
if (encryptionBlocks != 0) {
// Add the encryption blocks into the initial iv, to compensate for
// skipping over decrypting those bytes.
int posn = iv_.size() - 1;
while (encryptionBlocks > 0) {
long sum = (iv_[posn] & 0xff) + encryptionBlocks;
iv_[posn--] = (unsigned char) sum;
encryptionBlocks = sum / 0x100;
}
}
EVP_DecryptInit_ex(ctx_, cipher, NULL, key_.data(), iv_.data());
// If the range starts at an offset that doesn't match the encryption
// block, we need to advance some bytes within an encryption block.
if (extra > 0) {
std::vector<unsigned char> decrypted(extra);
int decrypted_len;
EVP_DecryptUpdate(ctx_, decrypted.data(), &decrypted_len,
decrypted.data(), extra);
}
}
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
