changed udf name and types

ccfelius · Nov 15, 2024 · 617b4ae · 617b4ae
1 parent 14f3e12
commit 617b4ae
Show file tree

Hide file tree

Showing 25 changed files with 470 additions and 305 deletions.
diff --git a/CMakeLists.txt b/CMakeLists.txt
@@ -4,9 +4,10 @@ cmake_minimum_required(VERSION 3.5)
 set(TARGET_NAME simple_encryption)
 set(CMAKE_CXX_STANDARD 11)
 
-# DuckDB's extension distribution supports vcpkg. As such, dependencies can be added in ./vcpkg.json and then
-# used in cmake with find_package. Feel free to remove or replace with other dependencies.
-# Note that it should also be removed from vcpkg.json to prevent needlessly installing it..
+# DuckDB's extension distribution supports vcpkg. As such, dependencies can be
+# added in ./vcpkg.json and then used in cmake with find_package. Feel free to
+# remove or replace with other dependencies. Note that it should also be removed
+# from vcpkg.json to prevent needlessly installing it..
 find_package(OpenSSL REQUIRED)
 
 set(EXTENSION_NAME ${TARGET_NAME}_extension)
@@ -18,19 +19,19 @@ add_subdirectory(src)
 include_directories(../duckdb/third_party/httplib/include)
 
 # by now do this manually, later fix this
-set(EXTENSION_SOURCES src/simple_encryption_extension.cpp
-        src/simple_encryption_extension.cpp
-        src/simple_encryption_state.cpp
-        src/core/module.cpp
-        src/core/types.cpp
-        src/core/functions/scalar/encrypt.cpp
-        src/core/functions/scalar/encrypt_to_etype.cpp
-        src/core/functions/function_data/encrypt_function_data.cpp
-        src/core/functions/cast/varchar_cast.cpp
-        src/core/functions/table/encrypt_table.cpp
-        src/core/utils/simple_encryption_utils.cpp
-        src/core/crypto/crypto_primitives.cpp
-)
+set(EXTENSION_SOURCES
+    src/simple_encryption_extension.cpp
+    src/simple_encryption_extension.cpp
+    src/simple_encryption_state.cpp
+    src/core/module.cpp
+    src/core/types.cpp
+    src/core/functions/scalar/encrypt.cpp
+    src/core/functions/scalar/encrypt_to_etype.cpp
+    src/core/functions/function_data/encrypt_function_data.cpp
+    src/core/functions/cast/varchar_cast.cpp
+    src/core/functions/table/encrypt_table.cpp
+    src/core/utils/simple_encryption_utils.cpp
+    src/core/crypto/crypto_primitives.cpp)
 
 build_static_extension(${TARGET_NAME} ${EXTENSION_SOURCES})
 build_loadable_extension(${TARGET_NAME} " " ${EXTENSION_SOURCES})

diff --git a/src/core/crypto/crypto_primitives.cpp b/src/core/crypto/crypto_primitives.cpp
@@ -15,8 +15,10 @@ void sha256(const char *in, size_t in_len, hash_bytes &out) {
   duckdb_mbedtls::MbedTlsWrapper::ComputeSha256Hash(in, in_len, (char *)out);
 }
 
-void hmac256(const std::string &message, const char *secret, size_t secret_len, hash_bytes &out) {
-  duckdb_mbedtls::MbedTlsWrapper::Hmac256(secret, secret_len, message.data(), message.size(), (char *)out);
+void hmac256(const std::string &message, const char *secret, size_t secret_len,
+             hash_bytes &out) {
+  duckdb_mbedtls::MbedTlsWrapper::Hmac256(secret, secret_len, message.data(),
+                                          message.size(), (char *)out);
 }
 
 void hmac256(std::string message, hash_bytes secret, hash_bytes &out) {
@@ -33,44 +35,45 @@ void hex256(hash_bytes &in, hash_str &out) {
   }
 }
 
-const EVP_CIPHER *GetCipher(const string &key, AESStateSSL::Algorithm algorithm) {
-
-  switch(algorithm) {
-    case AESStateSSL::GCM:
-      switch (key.size()) {
-      case 16:
-        return EVP_aes_128_gcm();
-      case 24:
-        return EVP_aes_192_gcm();
-      case 32:
-        return EVP_aes_256_gcm();
-      default:
-        throw InternalException("Invalid AES key length");
-      }
+const EVP_CIPHER *GetCipher(const string &key,
+                            AESStateSSL::Algorithm algorithm) {
+
+  switch (algorithm) {
+  case AESStateSSL::GCM:
+    switch (key.size()) {
+    case 16:
+      return EVP_aes_128_gcm();
+    case 24:
+      return EVP_aes_192_gcm();
+    case 32:
+      return EVP_aes_256_gcm();
+    default:
+      throw InternalException("Invalid AES key length");
+    }
 
-    case AESStateSSL::CTR:
-      switch (key.size()) {
-      case 16:
-        return EVP_aes_128_ctr();
-      case 24:
-        return EVP_aes_192_ctr();
-      case 32:
-        return EVP_aes_256_ctr();
-      default:
-        throw InternalException("Invalid AES key length");
-      }
-    case AESStateSSL::OCB:
-      // For now, we only support GCM ciphers
-      switch (key.size()) {
-      case 16:
-        return EVP_aes_128_ocb();
-      case 24:
-        return EVP_aes_192_ocb();
-      case 32:
-        return EVP_aes_256_ocb();
-      default:
-        throw InternalException("Invalid AES key length");
-      }
+  case AESStateSSL::CTR:
+    switch (key.size()) {
+    case 16:
+      return EVP_aes_128_ctr();
+    case 24:
+      return EVP_aes_192_ctr();
+    case 32:
+      return EVP_aes_256_ctr();
+    default:
+      throw InternalException("Invalid AES key length");
+    }
+  case AESStateSSL::OCB:
+    // For now, we only support GCM ciphers
+    switch (key.size()) {
+    case 16:
+      return EVP_aes_128_ocb();
+    case 24:
+      return EVP_aes_192_ocb();
+    case 32:
+      return EVP_aes_256_ocb();
+    default:
+      throw InternalException("Invalid AES key length");
+    }
   }
 }
 
@@ -85,9 +88,7 @@ AESStateSSL::~AESStateSSL() {
   EVP_CIPHER_CTX_free(context);
 }
 
-bool AESStateSSL::IsOpenSSL() {
-  return ssl;
-}
+bool AESStateSSL::IsOpenSSL() { return ssl; }
 
 void AESStateSSL::SetEncryptionAlgorithm(string_t s_algorithm) {
 
@@ -107,36 +108,44 @@ void AESStateSSL::GenerateRandomData(data_ptr_t data, idx_t len) {
   RAND_bytes(data, len);
 }
 
-void AESStateSSL::InitializeEncryption(const_data_ptr_t iv, idx_t iv_len, const string *key) {
-  // somewhere here or earlier we should set the encryption algorithm (maybe manually)
+void AESStateSSL::InitializeEncryption(const_data_ptr_t iv, idx_t iv_len,
+                                       const string *key) {
+  // somewhere here or earlier we should set the encryption algorithm (maybe
+  // manually)
 
   mode = ENCRYPT;
 
-  if (1 != EVP_EncryptInit_ex(context, GetCipher(*key, algorithm), NULL, const_data_ptr_cast(key->data()), iv)) {
+  if (1 != EVP_EncryptInit_ex(context, GetCipher(*key, algorithm), NULL,
+                              const_data_ptr_cast(key->data()), iv)) {
     throw InternalException("EncryptInit failed");
   }
 }
 
-void AESStateSSL::InitializeDecryption(const_data_ptr_t iv, idx_t iv_len, const string *key) {
+void AESStateSSL::InitializeDecryption(const_data_ptr_t iv, idx_t iv_len,
+                                       const string *key) {
   mode = DECRYPT;
 
-  if (1 != EVP_DecryptInit_ex(context, GetCipher(*key, algorithm), NULL, const_data_ptr_cast(key->data()), iv)) {
+  if (1 != EVP_DecryptInit_ex(context, GetCipher(*key, algorithm), NULL,
+                              const_data_ptr_cast(key->data()), iv)) {
     throw InternalException("DecryptInit failed");
   }
 }
 
-size_t AESStateSSL::Process(const_data_ptr_t in, idx_t in_len, data_ptr_t out, idx_t out_len) {
+size_t AESStateSSL::Process(const_data_ptr_t in, idx_t in_len, data_ptr_t out,
+                            idx_t out_len) {
 
   switch (mode) {
   case ENCRYPT:
-    if (1 != EVP_EncryptUpdate(context, data_ptr_cast(out), reinterpret_cast<int *>(&out_len),
+    if (1 != EVP_EncryptUpdate(context, data_ptr_cast(out),
+                               reinterpret_cast<int *>(&out_len),
                                const_data_ptr_cast(in), (int)in_len)) {
       throw InternalException("Encryption failed at OpenSSL EVP_EncryptUpdate");
     }
     break;
 
   case DECRYPT:
-    if (1 != EVP_DecryptUpdate(context, data_ptr_cast(out), reinterpret_cast<int *>(&out_len),
+    if (1 != EVP_DecryptUpdate(context, data_ptr_cast(out),
+                               reinterpret_cast<int *>(&out_len),
                                const_data_ptr_cast(in), (int)in_len)) {
 
       throw InternalException("Decryption failed at OpenSSL EVP_DecryptUpdate");
@@ -151,13 +160,15 @@ size_t AESStateSSL::Process(const_data_ptr_t in, idx_t in_len, data_ptr_t out, i
   return out_len;
 }
 
-size_t AESStateSSL::Finalize(data_ptr_t out, idx_t out_len, data_ptr_t tag, idx_t tag_len) {
+size_t AESStateSSL::Finalize(data_ptr_t out, idx_t out_len, data_ptr_t tag,
+                             idx_t tag_len) {
   auto text_len = out_len;
 
   switch (mode) {
 
   case ENCRYPT:
-    if (1 != EVP_EncryptFinal_ex(context, data_ptr_cast(out) + out_len, reinterpret_cast<int *>(&out_len))) {
+    if (1 != EVP_EncryptFinal_ex(context, data_ptr_cast(out) + out_len,
+                                 reinterpret_cast<int *>(&out_len))) {
       throw InternalException("EncryptFinal failed");
     }
 
@@ -166,31 +177,32 @@ size_t AESStateSSL::Finalize(data_ptr_t out, idx_t out_len, data_ptr_t tag, idx_
     }
 
     // The computed tag is written at the end of a chunk for OCB and GCM
-    if (1 != EVP_CIPHER_CTX_ctrl(context, EVP_CTRL_GCM_GET_TAG, tag_len,
-                                 tag)) {
+    if (1 != EVP_CIPHER_CTX_ctrl(context, EVP_CTRL_GCM_GET_TAG, tag_len, tag)) {
       throw InternalException("Calculating the tag failed");
     }
     return text_len;
 
   case DECRYPT:
 
-    if (algorithm != CTR){
+    if (algorithm != CTR) {
       // Set expected tag value
-      if (!EVP_CIPHER_CTX_ctrl(context, EVP_CTRL_GCM_SET_TAG, tag_len,
-                               tag)) {
+      if (!EVP_CIPHER_CTX_ctrl(context, EVP_CTRL_GCM_SET_TAG, tag_len, tag)) {
         throw InternalException("Finalizing tag failed");
       }
     }
 
-    // EVP_DecryptFinal() will return an error code if final block is not correctly formatted.
-    int ret = EVP_DecryptFinal_ex(context, data_ptr_cast(out) + out_len, reinterpret_cast<int *>(&out_len));
+    // EVP_DecryptFinal() will return an error code if final block is not
+    // correctly formatted.
+    int ret = EVP_DecryptFinal_ex(context, data_ptr_cast(out) + out_len,
+                                  reinterpret_cast<int *>(&out_len));
     text_len += out_len;
 
     if (ret > 0) {
       // success
       return text_len;
     }
-    throw InvalidInputException("Computed AES tag differs from read AES tag, are you using the right key?");
+    throw InvalidInputException("Computed AES tag differs from read AES tag, "
+                                "are you using the right key?");
   }
 }
 

diff --git a/src/core/functions/cast/varchar_cast.cpp b/src/core/functions/cast/varchar_cast.cpp
@@ -12,4 +12,4 @@ namespace core {
 // do something
 
 }
-}
+} // namespace simple_encrypt
diff --git a/src/core/functions/function_data/encrypt_function_data.cpp b/src/core/functions/function_data/encrypt_function_data.cpp
@@ -17,14 +17,14 @@ bool EncryptFunctionData::Equals(const FunctionData &other_p) const {
   return true;
 }
 
-unique_ptr<FunctionData> EncryptFunctionData::EncryptBind(ClientContext &context, ScalarFunction &bound_function,
-                                         vector<unique_ptr<Expression>> &arguments) {
+unique_ptr<FunctionData>
+EncryptFunctionData::EncryptBind(ClientContext &context,
+                                 ScalarFunction &bound_function,
+                                 vector<unique_ptr<Expression>> &arguments) {
   // here, implement bound statements?
 
   // do something
   return make_uniq<EncryptFunctionData>(context);
 }
-}
-}
-
-
+} // namespace core
+} // namespace simple_encryption