File: decryptor.go

golang-github-apache-arrow-go 18.2.0-1
// Licensed to the Apache Software Foundation (ASF) under one
// or more contributor license agreements.  See the NOTICE file
// distributed with this work for additional information
// regarding copyright ownership.  The ASF licenses this file
// to you under the Apache License, Version 2.0 (the
// "License"); you may not use this file except in compliance
// with the License.  You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

package encryption

import (
	"fmt"
	"io"

	"github.com/apache/arrow-go/v18/arrow"
	"github.com/apache/arrow-go/v18/arrow/memory"
	"github.com/apache/arrow-go/v18/parquet"
	"github.com/apache/arrow-go/v18/parquet/internal/debug"
	format "github.com/apache/arrow-go/v18/parquet/internal/gen-go/parquet"
)

// FileDecryptor is the interface used by the file reader to decrypt an
// entire parquet file as it is read, usually constructed from the
// DecryptionProperties (see NewFileDecryptor).
type FileDecryptor interface {
	// GetFooterKey returns the key for decrypting the footer. The
	// implementation in this file panics when no footer key can be resolved.
	GetFooterKey() string
	// FileAad returns the file-level AAD (additional authenticated data).
	FileAad() string
	// Algorithm returns the cipher this decryptor was constructed for.
	Algorithm() parquet.Cipher
	// Properties returns the FileDecryptionProperties that were used for this decryptor.
	Properties() *parquet.FileDecryptionProperties
	// WipeOutDecryptionKeys clears out the decryption keys. It is automatically
	// called after every successfully decrypted file to ensure that keys
	// aren't kept around.
	// NOTE(review): the implementation in this file only forwards to the
	// properties; Decryptors already created keep their own copy of the key.
	WipeOutDecryptionKeys()
	// GetFooterDecryptor returns a Decryptor interface for use to decrypt the footer
	// of a parquet file.
	GetFooterDecryptor() Decryptor
	// GetFooterDecryptorForColumnMeta returns a Decryptor interface for Column Metadata
	// in the file footer using the AAD bytes provided.
	GetFooterDecryptorForColumnMeta(aad string) Decryptor
	// GetFooterDecryptorForColumnData returns the footer-key decryptor for
	// actual column data, not column metadata.
	GetFooterDecryptorForColumnData(aad string) Decryptor
	// GetColumnMetaDecryptor returns a decryptor for the requested column path, key and AAD bytes
	// but only for decrypting the row group level metadata.
	GetColumnMetaDecryptor(columnPath, columnKeyMetadata, aad string) Decryptor
	// GetColumnDataDecryptor returns a decryptor for the requested column path, key, and AAD bytes
	// but only for the rowgroup column data.
	GetColumnDataDecryptor(columnPath, columnKeyMetadata, aad string) Decryptor
}

// fileDecryptor is the FileDecryptor implementation returned by
// NewFileDecryptor.
//
// Beyond the fields commented inline:
//   - columnDataMap and columnMetaDataMap cache one Decryptor per column path
//     (filled by the getColumnDecryptor method).
//   - footerMetadataDecryptor and footerDataDecryptor cache the two
//     footer-key decryptors (filled by getFooterDecryptor).
//   - metaDecryptor and dataDecryptor are the lazily created AES decryptors
//     shared by every cached Decryptor.
//   - footerKeyMetadata is passed to props.KeyRetriever when the properties
//     carry no explicit footer key.
//   - mem is the allocator handed to every Decryptor created here.
//
// NOTE(review): nothing in this file locks the caches or the lazily created
// fields, so concurrent use looks unsafe unless callers serialize access —
// confirm against the reader.
type fileDecryptor struct {
	// the properties contains the key retriever for us to get keys
	// from the key metadata
	props *parquet.FileDecryptionProperties
	// concatenation of aad_prefix (if exists) and aad_file_unique
	fileAad                 string
	columnDataMap           map[string]Decryptor
	columnMetaDataMap       map[string]Decryptor
	footerMetadataDecryptor Decryptor
	footerDataDecryptor     Decryptor
	alg                     parquet.Cipher
	footerKeyMetadata       string
	metaDecryptor           *aesDecryptor
	dataDecryptor           *aesDecryptor
	mem                     memory.Allocator
}

// NewFileDecryptor builds a FileDecryptor from the given decryption
// properties, file AAD, cipher and footer key metadata. A nil mem selects
// memory.DefaultAllocator.
//
// No key is resolved or validated here; the footer key is looked up lazily by
// GetFooterKey. props is used by later calls and is presumably expected to be
// non-nil.
func NewFileDecryptor(props *parquet.FileDecryptionProperties, fileAad string, alg parquet.Cipher, keymetadata string, mem memory.Allocator) FileDecryptor {
	fd := &fileDecryptor{
		props:             props,
		fileAad:           fileAad,
		alg:               alg,
		footerKeyMetadata: keymetadata,
		mem:               mem,
		columnDataMap:     make(map[string]Decryptor),
		columnMetaDataMap: make(map[string]Decryptor),
	}
	// Fall back to the package default when the caller supplied no allocator.
	if fd.mem == nil {
		fd.mem = memory.DefaultAllocator
	}
	return fd
}

// FileAad returns the file-level AAD string this decryptor was created with.
func (d *fileDecryptor) FileAad() string {
	return d.fileAad
}

// Properties returns the decryption properties this decryptor was created with.
func (d *fileDecryptor) Properties() *parquet.FileDecryptionProperties {
	return d.props
}

// Algorithm returns the cipher this decryptor was created for.
func (d *fileDecryptor) Algorithm() parquet.Cipher {
	return d.alg
}
// GetFooterKey resolves the footer decryption key. An explicit footer key in
// the properties wins; otherwise the footer key metadata is passed to the
// configured KeyRetriever.
//
// It panics when there is neither an explicit key nor key metadata, when key
// metadata is present but no KeyRetriever is configured, or when the
// retriever returns an empty key.
//
// The key is returned as a Go string, which is immutable, so callers cannot
// zero it after use. footerKeyMetadata is presumably taken from the file
// being read, so a KeyRetriever should treat it as untrusted input — confirm
// against the caller of NewFileDecryptor.
func (d *fileDecryptor) GetFooterKey() string {
	if key := d.props.FooterKey(); key != "" {
		return key
	}

	// No explicit key: the retriever path needs both metadata and a retriever.
	switch {
	case d.footerKeyMetadata == "":
		panic("no footer key or key metadata")
	case d.props.KeyRetriever == nil:
		panic("no footer key or key retriever")
	}

	key := d.props.KeyRetriever.GetKey([]byte(d.footerKeyMetadata))
	if key == "" {
		panic("invalid footer encryption key. Could not parse footer metadata")
	}
	return key
}

// GetFooterDecryptor returns the footer metadata decryptor, passing the
// footer AAD that CreateFooterAad derives from the file AAD.
//
// If a footer decryptor is already cached, getFooterDecryptor returns it
// as-is and the AAD computed here is not applied to it.
func (d *fileDecryptor) GetFooterDecryptor() Decryptor {
	return d.getFooterDecryptor(CreateFooterAad(d.fileAad), true)
}

// GetFooterDecryptorForColumnMeta returns the footer-key decryptor used for
// column metadata. aad only takes effect when no footer decryptor has been
// cached yet; see getFooterDecryptor.
func (d *fileDecryptor) GetFooterDecryptorForColumnMeta(aad string) Decryptor {
	const forMetadata = true
	return d.getFooterDecryptor(aad, forMetadata)
}

// GetFooterDecryptorForColumnData returns the footer-key decryptor used for
// column data. aad only takes effect when no footer decryptor has been cached
// yet; see getFooterDecryptor.
func (d *fileDecryptor) GetFooterDecryptorForColumnData(aad string) Decryptor {
	const forMetadata = false
	return d.getFooterDecryptor(aad, forMetadata)
}

// GetColumnMetaDecryptor returns the metadata decryptor for columnPath,
// resolving the column key from the properties or from columnKeyMetadata.
// It panics if no key can be resolved (see getColumnDecryptor).
func (d *fileDecryptor) GetColumnMetaDecryptor(columnPath, columnKeyMetadata, aad string) Decryptor {
	const forMetadata = true
	return d.getColumnDecryptor(columnPath, columnKeyMetadata, aad, forMetadata)
}

// GetColumnDataDecryptor returns the data decryptor for columnPath, resolving
// the column key from the properties or from columnKeyMetadata. It panics if
// no key can be resolved (see getColumnDecryptor).
func (d *fileDecryptor) GetColumnDataDecryptor(columnPath, columnKeyMetadata, aad string) Decryptor {
	const forMetadata = false
	return d.getColumnDecryptor(columnPath, columnKeyMetadata, aad, forMetadata)
}

// WipeOutDecryptionKeys asks the decryption properties to wipe their keys.
//
// NOTE(review): only props is touched. Every Decryptor cached by
// getFooterDecryptor and getColumnDecryptor holds its own []byte copy of the
// key, and nothing in this file clears those copies or the caches, so key
// material can outlive this call — confirm whether that is intended.
func (d *fileDecryptor) WipeOutDecryptionKeys() {
	d.props.WipeOutDecryptionKeys()
}

// getFooterDecryptor returns the cached footer-key decryptor for metadata
// (metadata == true) or data (metadata == false), building both on first use.
//
// On a cache hit the aad argument is ignored: the cached decryptor keeps
// whatever AAD it currently holds. This differs from the getColumnDecryptor
// method, which calls UpdateAad on a hit. Callers presumably set the AAD
// themselves (e.g. via UpdateDecryptor) before decrypting — confirm.
//
// Panics propagate from GetFooterKey when no footer key can be resolved.
func (d *fileDecryptor) getFooterDecryptor(aad string, metadata bool) Decryptor {
	cached := d.footerDataDecryptor
	if metadata {
		cached = d.footerMetadataDecryptor
	}
	if cached != nil {
		return cached
	}

	footerKey := d.GetFooterKey()

	// Build the metadata and data decryptors together so the key is fetched
	// from the key retriever only once.
	metaAES := d.getMetaAesDecryptor()
	dataAES := d.getDataAesDecryptor()

	// Each decryptor gets its own byte copies of the key and both AADs.
	build := func(aes *aesDecryptor) *decryptor {
		return &decryptor{
			decryptor: aes,
			key:       []byte(footerKey),
			fileAad:   []byte(d.fileAad),
			aad:       []byte(aad),
			mem:       d.mem,
		}
	}
	d.footerMetadataDecryptor = build(metaAES)
	d.footerDataDecryptor = build(dataAES)

	if metadata {
		return d.footerMetadataDecryptor
	}
	return d.footerDataDecryptor
}

// getColumnDecryptor returns the decryptor for columnPath, for metadata
// (metadata == true) or data (metadata == false). A cached decryptor has its
// AAD replaced with aad before it is returned; otherwise both the data and
// the metadata decryptor for the column are created and cached.
//
// The column key comes from the properties; if none is set there, columnMeta
// is non-empty and a KeyRetriever is configured, the retriever is asked for
// it. The function panics when no key can be resolved.
//
// columnMeta reaches this method from the column crypto metadata (see the
// package-level getColumnDecryptor), so a KeyRetriever should treat it as
// untrusted input.
func (d *fileDecryptor) getColumnDecryptor(columnPath, columnMeta, aad string, metadata bool) Decryptor {
	cache := d.columnDataMap
	if metadata {
		cache = d.columnMetaDataMap
	}
	if hit, ok := cache[columnPath]; ok {
		hit.UpdateAad(aad)
		return hit
	}

	columnKey := d.props.ColumnKey(columnPath)
	// No explicit column key given via API. Retrieve via key metadata.
	if columnKey == "" && columnMeta != "" && d.props.KeyRetriever != nil {
		columnKey = d.props.KeyRetriever.GetKey([]byte(columnMeta))
	}
	if columnKey == "" {
		panic("hidden column exception, path=" + columnPath)
	}

	dataAES := d.getDataAesDecryptor()
	metaAES := d.getMetaAesDecryptor()

	// Each decryptor gets its own byte copies of the key and both AADs.
	build := func(aes *aesDecryptor) *decryptor {
		return &decryptor{
			decryptor: aes,
			key:       []byte(columnKey),
			fileAad:   []byte(d.fileAad),
			aad:       []byte(aad),
			mem:       d.mem,
		}
	}
	d.columnDataMap[columnPath] = build(dataAES)
	d.columnMetaDataMap[columnPath] = build(metaAES)

	return cache[columnPath]
}

// getMetaAesDecryptor returns the AES decryptor used for metadata, creating
// it for d.alg on first use.
func (d *fileDecryptor) getMetaAesDecryptor() *aesDecryptor {
	if d.metaDecryptor != nil {
		return d.metaDecryptor
	}
	d.metaDecryptor = newAesDecryptor(d.alg, true)
	return d.metaDecryptor
}

// getDataAesDecryptor returns the AES decryptor used for data, creating it
// for d.alg on first use.
func (d *fileDecryptor) getDataAesDecryptor() *aesDecryptor {
	if d.dataDecryptor != nil {
		return d.dataDecryptor
	}
	d.dataDecryptor = newAesDecryptor(d.alg, false)
	return d.dataDecryptor
}

// Decryptor is the basic interface for any decryptor generated from a FileDecryptor.
//
// Decrypt and DecryptFrom return no error. How a failed decryption is
// reported is decided by the implementation and is not visible in this
// interface — presumably by panicking; confirm against the AES decryptor.
type Decryptor interface {
	// FileAad returns the file-level AAD bytes.
	FileAad() string
	// Allocator returns the allocator used for any extra allocations of buffers.
	Allocator() memory.Allocator
	// CiphertextSizeDelta returns the CiphertextSizeDelta from the decryptor.
	CiphertextSizeDelta() int
	// Decrypt returns the decrypted plaintext for the src ciphertext.
	Decrypt(src []byte) []byte
	// DecryptFrom returns the decrypted plaintext for ciphertext read from r.
	DecryptFrom(r io.Reader) []byte
	// UpdateAad sets the AAD bytes of the decryptor to the provided string.
	UpdateAad(string)
}

// decryptor is the Decryptor implementation created by fileDecryptor. It
// pairs an AES decryptor with a key and AAD:
//   - decryptor is the AES decryptor that does the work.
//   - key is this instance's own byte copy of the key; nothing in this file
//     zeroes it.
//   - fileAad is the file-level AAD, returned by FileAad.
//   - aad is the AAD passed to each decrypt call, replaced by UpdateAad.
//   - mem is the allocator returned by Allocator.
type decryptor struct {
	decryptor *aesDecryptor
	key       []byte
	fileAad   []byte
	aad       []byte
	mem       memory.Allocator
}

// Allocator returns the allocator this decryptor was created with.
func (d *decryptor) Allocator() memory.Allocator {
	return d.mem
}

// FileAad returns the file-level AAD as a string.
func (d *decryptor) FileAad() string {
	return string(d.fileAad)
}

// UpdateAad replaces the AAD used by subsequent Decrypt and DecryptFrom calls.
func (d *decryptor) UpdateAad(aad string) {
	d.aad = []byte(aad)
}

// CiphertextSizeDelta forwards to the underlying AES decryptor.
func (d *decryptor) CiphertextSizeDelta() int {
	return d.decryptor.CiphertextSizeDelta()
}
// Decrypt decrypts src with this decryptor's key and current AAD and returns
// the plaintext. Failure handling is left to the underlying AES decryptor.
func (d *decryptor) Decrypt(src []byte) []byte {
	plaintext := d.decryptor.Decrypt(src, d.key, d.aad)
	return plaintext
}

// DecryptFrom decrypts ciphertext read from r with this decryptor's key and
// current AAD and returns the plaintext. Failure handling is left to the
// underlying AES decryptor.
func (d *decryptor) DecryptFrom(r io.Reader) []byte {
	plaintext := d.decryptor.DecryptFrom(r, d.key, d.aad)
	return plaintext
}

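// getColumnDecryptor selects the Decryptor for a column from its crypto
// metadata: the metadata decryptor when metadata is true, the data decryptor
// otherwise.
//
// It returns (nil, nil) when cryptoMetadata is nil, an error wrapping
// arrow.ErrNotFound when crypto metadata is present but fileDecryptor is nil,
// and an error wrapping arrow.ErrInvalid when the crypto metadata names
// neither the footer key nor a column key.
//
// The crypto metadata is presumably parsed from the file being read, so it is
// validated here rather than trusted. The FileDecryptor calls can still panic
// when no key can be resolved (as the implementation in this file does); that
// is not converted into an error here.
func getColumnDecryptor(cryptoMetadata *format.ColumnCryptoMetaData, fileDecryptor FileDecryptor, metadata bool) (Decryptor, error) {
	if cryptoMetadata == nil {
		return nil, nil
	}

	if fileDecryptor == nil {
		return nil, fmt.Errorf("%w: row group is noted as encrypted but no file decryptor", arrow.ErrNotFound)
	}

	if cryptoMetadata.IsSetENCRYPTION_WITH_FOOTER_KEY() {
		if metadata {
			return fileDecryptor.GetFooterDecryptorForColumnMeta(fileDecryptor.FileAad()), nil
		}
		return fileDecryptor.GetFooterDecryptorForColumnData(fileDecryptor.FileAad()), nil
	}

	// The column is encrypted with its own key. Reject metadata where neither
	// variant is set instead of dereferencing a nil field.
	colKey := cryptoMetadata.ENCRYPTION_WITH_COLUMN_KEY
	if colKey == nil {
		return nil, fmt.Errorf("%w: column crypto metadata sets neither footer key nor column key", arrow.ErrInvalid)
	}

	colPath := parquet.ColumnPath(colKey.PathInSchema).String()
	keyMetadata := string(colKey.KeyMetadata)
	// Honor the metadata flag here as the footer-key branch does; previously
	// this path returned the metadata decryptor even when metadata was false.
	if metadata {
		return fileDecryptor.GetColumnMetaDecryptor(colPath, keyMetadata, ""), nil
	}
	return fileDecryptor.GetColumnDataDecryptor(colPath, keyMetadata, ""), nil
}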

// GetColumnMetaDecryptor returns the Decryptor for a column's metadata as
// selected by its crypto metadata. It returns (nil, nil) when cryptoMetadata
// is nil and an error when crypto metadata is present but fileDecryptor is nil.
func GetColumnMetaDecryptor(cryptoMetadata *format.ColumnCryptoMetaData, fileDecryptor FileDecryptor) (Decryptor, error) {
	const forMetadata = true
	return getColumnDecryptor(cryptoMetadata, fileDecryptor, forMetadata)
}

// NonPageOrdinal is the page ordinal UpdateDecryptor passes to
// CreateModuleAad; presumably it marks a module that is not a page.
const NonPageOrdinal int16 = -1

// UpdateDecryptor sets the decryptor's AAD to the module AAD built by
// CreateModuleAad from the decryptor's file AAD, moduleType, rgOrdinal and
// colOrdinal, with NonPageOrdinal as the page ordinal.
//
// The empty-file-AAD check is a debug.Assert, so it is presumably active only
// in debug builds; decryptor must be non-nil.
func UpdateDecryptor(decryptor Decryptor, rgOrdinal, colOrdinal int16, moduleType int8) {
	debug.Assert(decryptor.FileAad() != "", "file decryptor has no file aad")

	moduleAAD := CreateModuleAad(
		decryptor.FileAad(),
		moduleType,
		rgOrdinal,
		colOrdinal,
		NonPageOrdinal,
	)
	decryptor.UpdateAad(moduleAAD)
}