[fix](function) resubmit-fix AES/SM3/SM4 encrypt/ decrypt algorithm initialization vector bug#17907

xinyiZzz · 2023-03-17T09:10:52Z

Proposed changes

Issue Number: close #xxx

Problem summary

The first fix: #17420, there is a compatibility problem,
So add aes/sm4 V2 function to support correct behavior.
The original aes/sm4 still maintains the previous behavior.

——————————————

ECB algorithm, block_encryption_mode does not take effect, it only takes effect when init vector is provided.
Solved: 192/256 supports calculation without init vector
For other algorithms, an error should be reported when there is no init vector

Initialization Vector. The default value for the block_encryption_mode system variable is aes-128-ecb, or ECB mode, which does not require an initialization vector. The alternative permitted block encryption modes CBC, CFB1, CFB8, CFB128, and OFB all require an initialization vector.

Reference: https://dev.mysql.com/doc/refman/8.0/en/encryption-functions.html#function_aes-decrypt

Checklist(Required)

Does it affect the original behavior
Has unit tests been added
Has document been added or modified
Does it need to update dependencies
Is this PR support rollback (If NO, please explain WHY)

Further comments

If this is a relatively large or complex change, kick off the discussion at dev@doris.apache.org by explaining why you chose the solution you did and what alternatives you considered, etc...

github-actions · 2023-03-22T07:31:40Z

clang-tidy review says "All clean, LGTM! 👍"

xinyiZzz · 2023-03-22T07:42:05Z

run buildall

hello-stephen · 2023-03-22T16:30:28Z

TeamCity pipeline, clickbench performance test result:
the sum of best hot time: 33.33 seconds
stream load tsv: 440 seconds loaded 74807831229 Bytes, about 162 MB/s
stream load json: 24 seconds loaded 2358488459 Bytes, about 93 MB/s
stream load orc: 72 seconds loaded 1101869774 Bytes, about 14 MB/s
stream load parquet: 30 seconds loaded 861443392 Bytes, about 27 MB/s
https://doris-community-test-1308700295.cos.ap-hongkong.myqcloud.com/tmp/20230329063101_clickbench_pr_122100.html

xinyiZzz · 2023-03-23T07:04:11Z

run buildall

github-actions · 2023-03-23T07:06:34Z

clang-tidy review says "All clean, LGTM! 👍"

xinyiZzz · 2023-03-23T16:27:41Z

run buildall

github-actions · 2023-03-23T16:32:09Z

clang-tidy review says "All clean, LGTM! 👍"

fe/fe-core/src/main/java/org/apache/doris/analysis/FunctionCallExpr.java

xinyiZzz · 2023-03-27T09:53:08Z

run buildall

github-actions · 2023-03-27T09:56:19Z

clang-tidy review says "All clean, LGTM! 👍"

.../src/main/java/org/apache/doris/nereids/trees/expressions/functions/scalar/AesDecryptV2.java

fe/fe-core/src/main/java/org/apache/doris/catalog/BuiltinScalarFunctions.java

xinyiZzz · 2023-03-28T03:22:00Z

run buildall

github-actions · 2023-03-28T03:22:56Z

PR approved by anyone and no changes requested.

github-actions · 2023-03-28T03:26:35Z

clang-tidy review says "All clean, LGTM! 👍"

xinyiZzz · 2023-03-28T03:32:23Z

run buildall

github-actions · 2023-03-28T03:34:49Z

clang-tidy review says "All clean, LGTM! 👍"

.../src/main/java/org/apache/doris/nereids/trees/expressions/functions/scalar/Sm4DecryptV2.java

fe/fe-core/src/main/java/org/apache/doris/catalog/BuiltinScalarFunctions.java

xinyiZzz · 2023-03-29T01:36:36Z

run buildall

github-actions · 2023-03-29T01:39:53Z

clang-tidy review says "All clean, LGTM! 👍"

xinyiZzz · 2023-03-29T01:45:22Z

run buildall

github-actions · 2023-03-29T01:48:39Z

clang-tidy review says "All clean, LGTM! 👍"

…itialization vector bug (apache#17420)" This reverts commit 397cc01.

…nitialization vector bug (apache#17420) ECB algorithm, block_encryption_mode does not take effect, it only takes effect when init vector is provided. Solved: 192/256 supports calculation without init vector For other algorithms, an error should be reported when there is no init vector Initialization Vector. The default value for the block_encryption_mode system variable is aes-128-ecb, or ECB mode, which does not require an initialization vector. The alternative permitted block encryption modes CBC, CFB1, CFB8, CFB128, and OFB all require an initialization vector. Reference: https://dev.mysql.com/doc/refman/8.0/en/encryption-functions.html#function_aes-decrypt Note: This fix does not support smooth upgrades. during upgrade process, query may report error: funciton not found

xinyiZzz · 2023-03-29T05:31:54Z

run buildall

github-actions · 2023-03-29T05:34:47Z

clang-tidy review says "All clean, LGTM! 👍"

github-actions · 2023-03-29T08:27:11Z

PR approved by at least one committer and no changes requested.

…nitialization vector bug (apache#17907) * Revert "[fix](function) fix AES/SM3/SM4 encrypt/ decrypt algorithm initialization vector bug (apache#17420)" This reverts commit 397cc01. * [fix-resubmit](function) fix AES/SM3/SM4 encrypt/ decrypt algorithm initialization vector bug (apache#17420) ECB algorithm, block_encryption_mode does not take effect, it only takes effect when init vector is provided. Solved: 192/256 supports calculation without init vector For other algorithms, an error should be reported when there is no init vector Initialization Vector. The default value for the block_encryption_mode system variable is aes-128-ecb, or ECB mode, which does not require an initialization vector. The alternative permitted block encryption modes CBC, CFB1, CFB8, CFB128, and OFB all require an initialization vector. Reference: https://dev.mysql.com/doc/refman/8.0/en/encryption-functions.html#function_aes-decrypt Note: This fix does not support smooth upgrades. during upgrade process, query may report error: funciton not found

github-actions bot added area/nereids area/planner Issues or PRs related to the query planner kind/test labels Mar 17, 2023

xinyiZzz force-pushed the 20230317_refix_aes branch from 12922a4 to 0ce36c8 Compare March 22, 2023 07:27

github-actions bot added area/sql/function Issues or PRs related to the SQL functions area/vectorization kind/docs Categorizes issue or PR as related to documentation. labels Mar 22, 2023

xinyiZzz force-pushed the 20230317_refix_aes branch from 0ce36c8 to cedf518 Compare March 23, 2023 07:02

xinyiZzz force-pushed the 20230317_refix_aes branch from cedf518 to 07b1c82 Compare March 23, 2023 16:27

zhangstar333 reviewed Mar 27, 2023

View reviewed changes

fe/fe-core/src/main/java/org/apache/doris/analysis/FunctionCallExpr.java Show resolved Hide resolved

morrySnow reviewed Mar 27, 2023

View reviewed changes

.../src/main/java/org/apache/doris/nereids/trees/expressions/functions/scalar/AesDecryptV2.java Outdated Show resolved Hide resolved

fe/fe-core/src/main/java/org/apache/doris/catalog/BuiltinScalarFunctions.java Show resolved Hide resolved

zhangstar333 previously approved these changes Mar 28, 2023

View reviewed changes

github-actions bot added the reviewed label Mar 28, 2023

xinyiZzz dismissed zhangstar333’s stale review via ff74fdd March 28, 2023 03:31

morrySnow reviewed Mar 28, 2023

View reviewed changes

.../src/main/java/org/apache/doris/nereids/trees/expressions/functions/scalar/Sm4DecryptV2.java Outdated Show resolved Hide resolved

fe/fe-core/src/main/java/org/apache/doris/catalog/BuiltinScalarFunctions.java Show resolved Hide resolved

xinyiZzz added 8 commits March 29, 2023 13:27

Revert "[fix](function) fix AES/SM3/SM4 encrypt/ decrypt algorithm in…

52415a0

…itialization vector bug (apache#17420)" This reverts commit 397cc01.

1

1b435f6

3

fd9aa85

4

15a3def

4

fc1b7ea

4

80fe65c

5

4b3b5c2

xinyiZzz force-pushed the 20230317_refix_aes branch from c5f94d5 to 4b3b5c2 Compare March 29, 2023 05:31

morrySnow approved these changes Mar 29, 2023

View reviewed changes

github-actions bot added the approved Indicates a PR has been approved by one committer. label Mar 29, 2023

yiguolei merged commit 6964d9f into apache:master Mar 29, 2023

Comments

Conversation

xinyiZzz commented Mar 17, 2023

Proposed changes

Problem summary

Checklist(Required)

Further comments

Uh oh!

github-actions bot commented Mar 22, 2023

Uh oh!

xinyiZzz commented Mar 22, 2023

Uh oh!

hello-stephen commented Mar 22, 2023 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

xinyiZzz commented Mar 23, 2023

Uh oh!

github-actions bot commented Mar 23, 2023

Uh oh!

xinyiZzz commented Mar 23, 2023

Uh oh!

github-actions bot commented Mar 23, 2023

Uh oh!

Uh oh!

xinyiZzz commented Mar 27, 2023

Uh oh!

github-actions bot commented Mar 27, 2023

Uh oh!

Uh oh!

Uh oh!

xinyiZzz commented Mar 28, 2023

Uh oh!

github-actions bot commented Mar 28, 2023

Uh oh!

github-actions bot commented Mar 28, 2023

Uh oh!

xinyiZzz commented Mar 28, 2023

Uh oh!

github-actions bot commented Mar 28, 2023

Uh oh!

Uh oh!

Uh oh!

xinyiZzz commented Mar 29, 2023

Uh oh!

github-actions bot commented Mar 29, 2023

Uh oh!

xinyiZzz commented Mar 29, 2023

Uh oh!

github-actions bot commented Mar 29, 2023

Uh oh!

xinyiZzz commented Mar 29, 2023

Uh oh!

github-actions bot commented Mar 29, 2023

Uh oh!

github-actions bot commented Mar 29, 2023

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

5 participants

hello-stephen commented Mar 22, 2023 •

edited

Loading