add new decrypt_sum function to ASHE

a4559a97 · yiwenshao · 2bcb7b4f · a4559a97 · a4559a97 · a4559a97
Commit a4559a97 authored Mar 13, 2018 by yiwenshao
7 changed files
--- a/conf/CURRENT.conf
+++ b/conf/CURRENT.conf
@@ -3,7 +3,7 @@
 #oAGG: HOM
 #oASHE: ASHE
 [onions for num]
-oDET: DET
+oDET: DETJOIN DET RND
 oOPE: OPE
 oAGG: HOM
 #oASHE: ASHE

--- a/main/CryptoHandlers.cc
+++ b/main/CryptoHandlers.cc
@@ -1657,20 +1657,26 @@ ASHE::encrypt(const Item &ptext, uint64_t IV) const{
 }

 Item *
-ASHE::decrypt(const Item &ctext, uint64_t IV) const
-{
+ASHE::decrypt(const Item &ctext, uint64_t IV) const {
    long long ct = const_cast<Item &>(ctext).val_uint();
    auto res = ashe.decrypt(ct,IV);
    return new (current_thd->mem_root)
               Item_int(static_cast<ulonglong>(res));
 }

+Item *
+ASHE::decrypt_sum(const Item &ctext) {
+    const std::string plainstr = ItemToString(ctext);
+    std::cout<<"ctext: "<<plainstr<<std::endl;
+    return MySQLFieldTypeToItem(MYSQL_TYPE_STRING, plainstr);
+}
+
+
 Item *
 ASHE::sumUDA(Item *const expr) const
 {
    List<Item> l;
    l.push_back(expr);
-//    l.push_back(ZZToItemStr(sk->hompubkey()));
    return new (current_thd->mem_root) Item_func_udf_str(&u_sumashe_a, l);
 }


--- a/main/CryptoHandlers.hh
+++ b/main/CryptoHandlers.hh
@@ -182,10 +182,8 @@ private:

 class ASHE : public EncLayer {
 public:
-    ASHE(const Create_field &cf, const std::string &seed_key):seed_key(seed_key),ashe(1){
-
-    }
-
+    ASHE(const Create_field &cf, const std::string &seed_key):
+                                   seed_key(seed_key),ashe(1){}
    // serialize and deserialize
    std::string doSerialize() const {return seed_key;}
    ASHE(unsigned int id, const std::string &serial);
@@ -199,6 +197,7 @@ public:
    //TODO needs multi encrypt and decrypt
    Item *encrypt(const Item &p, uint64_t IV) const;
    Item * decrypt(const Item &c, uint64_t IV) const;
+    Item * decrypt_sum(const Item &ctext);
    Item * sumUDA(Item *const expr) const;
    
 protected:

--- a/main/dbobject.hh
+++ b/main/dbobject.hh
@@ -166,10 +166,10 @@ public:

    // FIXME: Use rtti.
    virtual std::string typeName() const = 0;
-    /* */
+    /*fetch children from embedded db*/
    virtual std::vector<DBMeta *>
        fetchChildren(const std::unique_ptr<Connect> &e_conn) = 0;
-    /* */
+    /*apply function to each child*/
    virtual bool
        applyToChildren(std::function<bool(const DBMeta &)>) const = 0;
    /*traverse the map to get the key for the conresponding child(reference MappedDBMeta)*/

--- a/main/rewrite_main.cc
+++ b/main/rewrite_main.cc
@@ -1395,11 +1395,13 @@ std::string ReturnMeta::stringify() {
 }


-//有了准备好的合适的meta以后, 对于ResType类型进来的加密数据, 可以解密变成明文的resType
+/*Transform encrypted ResType into plaintext ResType
+ *ReturnMeta contains metadata form layers of decryption
+ *
+*/
 ResType
 Rewriter::decryptResults(const ResType &dbres, const ReturnMeta &rmeta)
 {
-    //这个success是构造的时候写入的.
    assert(dbres.success());

    const unsigned int rows = dbres.rows.size();
@@ -1410,20 +1412,17 @@ Rewriter::decryptResults(const ResType &dbres, const ReturnMeta &rmeta)

    for (auto it = dbres.names.begin();
        it != dbres.names.end(); it++) {
-        //返回的匿名的名字, 一列下标从0开始.
        const unsigned int index = it - dbres.names.begin();
-        //根据下标获得rfmeta
+        //use index to get either salt or metadata for encrypted field.
        const ReturnField &rf = rmeta.rfmeta.at(index);
        if (!rf.getIsSalt()) {
-            //need to return this field
-            //存的时候, 不是salt, 已经存储了明文的名字.
+            //plaintext column name
            dec_names.push_back(rf.fieldCalled());
        }
    }

    const unsigned int real_cols = dec_names.size();

-    //为每个数据行初始化指针空间
    std::vector<std::vector<Item *> > dec_rows(rows);
    for (unsigned int i = 0; i < rows; i++) {
        dec_rows[i] = std::vector<Item *>(real_cols);
@@ -1435,7 +1434,6 @@ Rewriter::decryptResults(const ResType &dbres, const ReturnMeta &rmeta)
        if (rf.getIsSalt()) {
            continue;
        }
-	//获得key, 存在fieldMeta中
        FieldMeta *const fm = rf.getOLK().key;

        for (unsigned int r = 0; r < rows; r++) {
@@ -1445,14 +1443,14 @@ Rewriter::decryptResults(const ResType &dbres, const ReturnMeta &rmeta)
            } else {
                uint64_t salt = 0;
                const int salt_pos = rf.getSaltPosition();
-                //如果存在salt, 则读取远端的salt值, 转化以后用于解密.
+                //use salt_pos to read the salt from remote results.
                if (salt_pos >= 0) {
                    Item_int *const salt_item =
                        static_cast<Item_int *>(dbres.rows[r][salt_pos]);
                    assert_s(!salt_item->null_value, "salt item is null");
                    salt = salt_item->value;
                }
-                //层次化的解密.
+                //layers of decryption.
                dec_rows[r][col_index] = 
                    decrypt_item_layers(*dbres.rows[r][c],
                                        fm, rf.getOLK().o, salt);

--- a/main/schema.cc
+++ b/main/schema.cc
@@ -13,8 +13,6 @@
 #include <main/macro_util.hh>

 #include "util/onions.hh"
-//对于schemaInfo而言, 先获得自己的id, 作为parent, 可以查找底下的databasemeta的serial,key以及id
-//然后通过lambda表达式,先把databasemeta加入到schemainfo的map中, 然后返回这写个databasemeta供后续使用. 

 /*
 *for example, we have schemaInfo, then in this function, it first fetch it's own id, and use it as parent
@@ -368,8 +366,6 @@ std::string FieldMeta::stringify() const
    return res;
 }

-//这里FieldMeta的getChildren是pair,OnionMetaKey,OnionMeta, 其中
-//onionMeta有根据Uniq排序输出为vector
 std::vector<std::pair<const OnionMetaKey *, OnionMeta *>>
 FieldMeta::orderedOnionMetas() const
 {
@@ -489,11 +485,10 @@ bool FieldMeta::hasOnion(onion o) const
 }

 std::unique_ptr<TableMeta>
-TableMeta::deserialize(unsigned int id, const std::string &serial)
-{
+TableMeta::deserialize(unsigned int id, const std::string &serial) {
    assert(id != 0);
    const auto vec = unserialize_string(serial);
-    //table 的解序列化有5个项目.
+    //five items to be deserialized
    assert(5 == vec.size());

    const std::string anon_table_name = vec[0];
@@ -507,10 +502,9 @@ TableMeta::deserialize(unsigned int id, const std::string &serial)
                       salt_name, counter));
 }

-//table有5个要素需要进行编码, 匿名的名字, sensitive的bool,salt的bool,salt的名字, 以及counter
-//为什么tableMeta和FieldMeta需要继承UniqueCounter
-std::string TableMeta::serialize(const DBObject &parent) const
-{
+//five items to be serialized
+std::string 
+TableMeta::serialize(const DBObject &parent) const {
    const std::string &serial = 
        serialize_string(getAnonTableName()) +
        serialize_string(bool_to_string(hasSensitive)) +

--- a/main/schema.hh
+++ b/main/schema.hh
@@ -162,8 +162,6 @@ private:
                                             const Create_field &cf);
    uint64_t &getCounter_() {return counter;}
 };
-
-//salt只是一个IV, 为什么还需要随机的名字: 因为field 需要有名字, 不然没法查询.
 class TableMeta : public MappedDBMeta<FieldMeta, IdentityMetaKey>,
                  public UniqueCounter {
 public:
@@ -178,7 +176,6 @@ public:
    // Restore.
    static std::unique_ptr<TableMeta>
        deserialize(unsigned int id, const std::string &serial);
-
    TableMeta(unsigned int id, const std::string &anon_table_name,
              bool has_sensitive, bool has_salt,
              const std::string &salt_name, unsigned int counter)
@@ -186,9 +183,7 @@ public:
          has_salt(has_salt), salt_name(salt_name),
          anon_table_name(anon_table_name), counter(counter) {
          }
-
    ~TableMeta() {;}
-
    std::string serialize(const DBObject &parent) const;
    std::string getAnonTableName() const;
    std::vector<FieldMeta *> orderedFieldMetas() const;