Skip to content

P
Practical-Cryptdb
Commit d3bc7806 authored by yiwenshao's avatar yiwenshao
Browse files
Options

add test layers

parent 0bdf8000
Hide whitespace changes
Inline Side-by-side
Showing with 1175 additions and 211 deletions
debug/test_layer_ASHE.cc 0 → 100644
View file @ d3bc7806
#include "parser/sql_utils.hh"
#include <stdlib.h>
#include <stdio.h>
#include <string>
#include <map>
#include <iostream>
#include <fstream>
#include <sstream>
#include <vector>
#include <algorithm>
#include "main/CryptoHandlers.hh"
#include "wrapper/reuse.hh"
#include "wrapper/common.hh"
#include "wrapper/insert_lib.hh"
#include "util/constants.hh"
#include "util/timer.hh"
#include "util/log.hh"
#include "util/onions.hh"
using std::cout;
using std::cin;
using std::endl;
using std::vector;
using std::string;
using std::to_string;
static std::string embeddedDir="/t/cryt/shadow";
static std::map<std::string, WrapperState*> clients;
//This connection mimics the behaviour of MySQL-Proxy
Connect *globalConn;
/*for each field, convert the format to FieldMeta_Wrapper*/
static void init(){
std::string client="192.168.1.1:1234";
//one Wrapper per user.
clients[client] = new WrapperState();
//Connect phase
ConnectionInfo ci("localhost", "root", "letmein",3306);
const std::string master_key = "113341234";
char *buffer;
if((buffer = getcwd(NULL, 0)) == NULL){
perror("getcwd error");
}
embeddedDir = std::string(buffer)+"/shadow";
SharedProxyState *shared_ps =
new SharedProxyState(ci, embeddedDir , master_key,
determineSecurityRating());
assert(0 == mysql_thread_init());
//we init embedded database here.
clients[client]->ps = std::unique_ptr<ProxyState>(new ProxyState(*shared_ps));
clients[client]->ps->safeCreateEmbeddedTHD();
//Connect end!!
globalConn = new Connect(ci.server, ci.user, ci.passwd, ci.port);
}
static
Item *
getItemInt(std::string input) {
return new (current_thd->mem_root)
Item_int(static_cast<ulonglong>(valFromStr(input)));
}
/*
static
Item *
getItemString(std::string input) {
return MySQLFieldTypeToItem(MYSQL_TYPE_STRING, input);
}
static
Create_field* getStringField(int length) {
Create_field *f = new Create_field;
f->sql_type = MYSQL_TYPE_VARCHAR;
f->length = length;
return f;
}
static
Create_field* getUnsignedIntField(){
Create_field *f = new Create_field;
f->sql_type = MYSQL_TYPE_LONG;
f->flags |= UNSIGNED_FLAG;
return f;
}
*/
int
main() {
init();
create_embedded_thd(0);
std::string key = "key";
Create_field *cf = NULL;
ASHE* as = new ASHE(*cf, key);
Item* plain = getItemInt("123");
Item* enc = as->encrypt(*plain,0u);
Item* dec = as->decrypt(*enc,0u);
(void)dec;
return 0;
}
//main/schema.cc:83 is use to create layers of encryption
debug/test_layer_DET_int.cc 0 → 100644
View file @ d3bc7806
#include "parser/sql_utils.hh"
#include <stdlib.h>
#include <stdio.h>
#include <string>
#include <map>
#include <iostream>
#include <fstream>
#include <sstream>
#include <vector>
#include <algorithm>
#include "main/CryptoHandlers.hh"
#include "wrapper/reuse.hh"
#include "wrapper/common.hh"
#include "wrapper/insert_lib.hh"
#include "util/constants.hh"
#include "util/timer.hh"
#include "util/log.hh"
#include "util/onions.hh"
using std::cout;
using std::cin;
using std::endl;
using std::vector;
using std::string;
using std::to_string;
static std::string embeddedDir="/t/cryt/shadow";
static std::map<std::string, WrapperState*> clients;
//This connection mimics the behaviour of MySQL-Proxy
Connect *globalConn;
/*for each field, convert the format to FieldMeta_Wrapper*/
static void init(){
std::string client="192.168.1.1:1234";
//one Wrapper per user.
clients[client] = new WrapperState();
//Connect phase
ConnectionInfo ci("localhost", "root", "letmein",3306);
const std::string master_key = "113341234";
char *buffer;
if((buffer = getcwd(NULL, 0)) == NULL){
perror("getcwd error");
}
embeddedDir = std::string(buffer)+"/shadow";
SharedProxyState *shared_ps =
new SharedProxyState(ci, embeddedDir , master_key,
determineSecurityRating());
assert(0 == mysql_thread_init());
//we init embedded database here.
clients[client]->ps = std::unique_ptr<ProxyState>(new ProxyState(*shared_ps));
clients[client]->ps->safeCreateEmbeddedTHD();
//Connect end!!
globalConn = new Connect(ci.server, ci.user, ci.passwd, ci.port);
}
/*
static
Item *
getItemString(std::string input) {
return MySQLFieldTypeToItem(MYSQL_TYPE_STRING, input);
}*/
static
Item *
getItemInt(std::string input) {
return new (current_thd->mem_root)
Item_int(static_cast<ulonglong>(valFromStr(input)));
}
/*
static
Item *
getItemString(std::string input) {
return MySQLFieldTypeToItem(MYSQL_TYPE_STRING, input);
}
static
Create_field* getStringField(int length) {
Create_field *f = new Create_field;
f->sql_type = MYSQL_TYPE_VARCHAR;
f->length = length;
return f;
}
*/
static
Create_field* getUnsignedIntField(){
Create_field *f = new Create_field;
f->sql_type = MYSQL_TYPE_LONG;
f->flags |= UNSIGNED_FLAG;
return f;
}
int
main() {
init();
create_embedded_thd(0);
std::string key = "key";
Create_field *cf = getUnsignedIntField();
DET_int* ds = new DET_int(*cf, key);
Item* plain = getItemInt("123");
Item* enc = ds->encrypt(*plain,0u);
Item* dec = ds->decrypt(*enc,0u);
(void)dec;
return 0;
}
//main/schema.cc:83 is use to create layers of encryption
debug/test_layer_HOM.cc 0 → 100644
View file @ d3bc7806
#include "parser/sql_utils.hh"
#include <stdlib.h>
#include <stdio.h>
#include <string>
#include <map>
#include <iostream>
#include <fstream>
#include <sstream>
#include <vector>
#include <algorithm>
#include "main/CryptoHandlers.hh"
#include "wrapper/reuse.hh"
#include "wrapper/common.hh"
#include "wrapper/insert_lib.hh"
#include "util/constants.hh"
#include "util/timer.hh"
#include "util/log.hh"
#include "util/onions.hh"
using std::cout;
using std::cin;
using std::endl;
using std::vector;
using std::string;
using std::to_string;
static std::string embeddedDir="/t/cryt/shadow";
static std::map<std::string, WrapperState*> clients;
//This connection mimics the behaviour of MySQL-Proxy
Connect *globalConn;
/*for each field, convert the format to FieldMeta_Wrapper*/
static void init(){
std::string client="192.168.1.1:1234";
//one Wrapper per user.
clients[client] = new WrapperState();
//Connect phase
ConnectionInfo ci("localhost", "root", "letmein",3306);
const std::string master_key = "113341234";
char *buffer;
if((buffer = getcwd(NULL, 0)) == NULL){
perror("getcwd error");
}
embeddedDir = std::string(buffer)+"/shadow";
SharedProxyState *shared_ps =
new SharedProxyState(ci, embeddedDir , master_key,
determineSecurityRating());
assert(0 == mysql_thread_init());
//we init embedded database here.
clients[client]->ps = std::unique_ptr<ProxyState>(new ProxyState(*shared_ps));
clients[client]->ps->safeCreateEmbeddedTHD();
//Connect end!!
globalConn = new Connect(ci.server, ci.user, ci.passwd, ci.port);
}
static
Item *
getItemString(std::string input) {
return MySQLFieldTypeToItem(MYSQL_TYPE_STRING, input);
}
/*
static
Item *
getItemInt(std::string input) {
return new (current_thd->mem_root)
Item_int(static_cast<ulonglong>(valFromStr(input)));
}
static
Item *
getItemString(std::string input) {
return MySQLFieldTypeToItem(MYSQL_TYPE_STRING, input);
}
static
Create_field* getStringField(int length) {
Create_field *f = new Create_field;
f->sql_type = MYSQL_TYPE_VARCHAR;
f->length = length;
return f;
}
static
Create_field* getUnsignedIntField(){
Create_field *f = new Create_field;
f->sql_type = MYSQL_TYPE_LONG;
f->flags |= UNSIGNED_FLAG;
return f;
}
*/
int
main() {
init();
create_embedded_thd(0);
std::string key = "key";
Create_field *cf = NULL;
HOM* hm = new HOM(*cf, key);
Item* plain = getItemString("helloworld");
Item* enc = hm->encrypt(*plain,0u);
Item* dec = hm->decrypt(*enc,0u);
(void)dec;
return 0;
}
//main/schema.cc:83 is use to create layers of encryption
debug/test_layer_OPE_int.cc 0 → 100644
View file @ d3bc7806
#include "parser/sql_utils.hh"
#include <stdlib.h>
#include <stdio.h>
#include <string>
#include <map>
#include <iostream>
#include <fstream>
#include <sstream>
#include <vector>
#include <algorithm>
#include "main/CryptoHandlers.hh"
#include "wrapper/reuse.hh"
#include "wrapper/common.hh"
#include "wrapper/insert_lib.hh"
#include "util/constants.hh"
#include "util/timer.hh"
#include "util/log.hh"
#include "util/onions.hh"
using std::cout;
using std::cin;
using std::endl;
using std::vector;
using std::string;
using std::to_string;
static std::string embeddedDir="/t/cryt/shadow";
static std::map<std::string, WrapperState*> clients;
//This connection mimics the behaviour of MySQL-Proxy
Connect *globalConn;
/*for each field, convert the format to FieldMeta_Wrapper*/
static void init(){
std::string client="192.168.1.1:1234";
//one Wrapper per user.
clients[client] = new WrapperState();
//Connect phase
ConnectionInfo ci("localhost", "root", "letmein",3306);
const std::string master_key = "113341234";
char *buffer;
if((buffer = getcwd(NULL, 0)) == NULL){
perror("getcwd error");
}
embeddedDir = std::string(buffer)+"/shadow";
SharedProxyState *shared_ps =
new SharedProxyState(ci, embeddedDir , master_key,
determineSecurityRating());
assert(0 == mysql_thread_init());
//we init embedded database here.
clients[client]->ps = std::unique_ptr<ProxyState>(new ProxyState(*shared_ps));
clients[client]->ps->safeCreateEmbeddedTHD();
//Connect end!!
globalConn = new Connect(ci.server, ci.user, ci.passwd, ci.port);
}
/*
static
Item *
getItemString(std::string input) {
return MySQLFieldTypeToItem(MYSQL_TYPE_STRING, input);
}*/
static
Item *
getItemInt(std::string input) {
return new (current_thd->mem_root)
Item_int(static_cast<ulonglong>(valFromStr(input)));
}
/*
static
Item *
getItemString(std::string input) {
return MySQLFieldTypeToItem(MYSQL_TYPE_STRING, input);
}
static
Create_field* getStringField(int length) {
Create_field *f = new Create_field;
f->sql_type = MYSQL_TYPE_VARCHAR;
f->length = length;
return f;
}
*/
static
Create_field* getUnsignedIntField(){
Create_field *f = new Create_field;
f->sql_type = MYSQL_TYPE_LONG;
f->flags |= UNSIGNED_FLAG;
return f;
}
int
main() {
init();
create_embedded_thd(0);
std::string key = "key";
Create_field *cf = getUnsignedIntField();
OPE_int* op = new OPE_int(*cf, key);
Item* plain = getItemInt("123"); //getItemString("helloworld");
Item* enc = op->encrypt(*plain,0u);
Item* dec = op->decrypt(*enc,0u);
(void)dec;
return 0;
}
//main/schema.cc:83 is use to create layers of encryption
debug/test_layer_OPE_str.cc 0 → 100644
View file @ d3bc7806
#include "parser/sql_utils.hh"
#include <stdlib.h>
#include <stdio.h>
#include <string>
#include <map>
#include <iostream>
#include <fstream>
#include <sstream>
#include <vector>
#include <algorithm>
#include "main/CryptoHandlers.hh"
#include "wrapper/reuse.hh"
#include "wrapper/common.hh"
#include "wrapper/insert_lib.hh"
#include "util/constants.hh"
#include "util/timer.hh"
#include "util/log.hh"
#include "util/onions.hh"
using std::cout;
using std::cin;
using std::endl;
using std::vector;
using std::string;
using std::to_string;
static std::string embeddedDir="/t/cryt/shadow";
static std::map<std::string, WrapperState*> clients;
//This connection mimics the behaviour of MySQL-Proxy
Connect *globalConn;
/*for each field, convert the format to FieldMeta_Wrapper*/
static void init(){
std::string client="192.168.1.1:1234";
//one Wrapper per user.
clients[client] = new WrapperState();
//Connect phase
ConnectionInfo ci("localhost", "root", "letmein",3306);
const std::string master_key = "113341234";
char *buffer;
if((buffer = getcwd(NULL, 0)) == NULL){
perror("getcwd error");
}
embeddedDir = std::string(buffer)+"/shadow";
SharedProxyState *shared_ps =
new SharedProxyState(ci, embeddedDir , master_key,
determineSecurityRating());
assert(0 == mysql_thread_init());
//we init embedded database here.
clients[client]->ps = std::unique_ptr<ProxyState>(new ProxyState(*shared_ps));
clients[client]->ps->safeCreateEmbeddedTHD();
//Connect end!!
globalConn = new Connect(ci.server, ci.user, ci.passwd, ci.port);
}
static
Item *
getItemString(std::string input) {
return MySQLFieldTypeToItem(MYSQL_TYPE_STRING, input);
}
/*
static
Item *
getItemInt(std::string input) {
return new (current_thd->mem_root)
Item_int(static_cast<ulonglong>(valFromStr(input)));
}
static
Item *
getItemString(std::string input) {
return MySQLFieldTypeToItem(MYSQL_TYPE_STRING, input);
}
static
Create_field* getStringField(int length) {
Create_field *f = new Create_field;
f->sql_type = MYSQL_TYPE_VARCHAR;
f->length = length;
return f;
}
static
Create_field* getUnsignedIntField(){
Create_field *f = new Create_field;
f->sql_type = MYSQL_TYPE_LONG;
f->flags |= UNSIGNED_FLAG;
return f;
}
*/
int
main() {
init();
create_embedded_thd(0);
std::string key = "key";
Create_field *cf = NULL;
OPE_str* op = new OPE_str(*cf, key);
Item* plain = getItemString("helloworld");
Item* enc = op->encrypt(*plain,0u);
// Item* dec = op->decrypt(*enc,0u);
(void)enc;
return 0;
}
//main/schema.cc:83 is use to create layers of encryption
debug/test_layer_RND_int.cc 0 → 100644
View file @ d3bc7806
#include "parser/sql_utils.hh"
#include <stdlib.h>
#include <stdio.h>
#include <string>
#include <map>
#include <iostream>
#include <fstream>
#include <sstream>
#include <vector>
#include <algorithm>
#include "main/CryptoHandlers.hh"
#include "wrapper/reuse.hh"
#include "wrapper/common.hh"
#include "wrapper/insert_lib.hh"
#include "util/constants.hh"
#include "util/timer.hh"
#include "util/log.hh"
#include "util/onions.hh"
using std::cout;
using std::cin;
using std::endl;
using std::vector;
using std::string;
using std::to_string;
static std::string embeddedDir="/t/cryt/shadow";
static std::map<std::string, WrapperState*> clients;
//This connection mimics the behaviour of MySQL-Proxy
Connect *globalConn;
/*for each field, convert the format to FieldMeta_Wrapper*/
static void init(){
std::string client="192.168.1.1:1234";
//one Wrapper per user.
clients[client] = new WrapperState();
//Connect phase
ConnectionInfo ci("localhost", "root", "letmein",3306);
const std::string master_key = "113341234";
char *buffer;
if((buffer = getcwd(NULL, 0)) == NULL){
perror("getcwd error");
}
embeddedDir = std::string(buffer)+"/shadow";
SharedProxyState *shared_ps =
new SharedProxyState(ci, embeddedDir , master_key,
determineSecurityRating());
assert(0 == mysql_thread_init());
//we init embedded database here.
clients[client]->ps = std::unique_ptr<ProxyState>(new ProxyState(*shared_ps));
clients[client]->ps->safeCreateEmbeddedTHD();
//Connect end!!
globalConn = new Connect(ci.server, ci.user, ci.passwd, ci.port);
}
/*
static
Item *
getItemString(std::string input) {
return MySQLFieldTypeToItem(MYSQL_TYPE_STRING, input);
}*/
static
Item *
getItemInt(std::string input) {
return new (current_thd->mem_root)
Item_int(static_cast<ulonglong>(valFromStr(input)));
}
/*
static
Item *
getItemString(std::string input) {
return MySQLFieldTypeToItem(MYSQL_TYPE_STRING, input);
}
static
Create_field* getStringField(int length) {
Create_field *f = new Create_field;
f->sql_type = MYSQL_TYPE_VARCHAR;
f->length = length;
return f;
}
*/
static
Create_field* getUnsignedIntField(){
Create_field *f = new Create_field;
f->sql_type = MYSQL_TYPE_LONG;
f->flags |= UNSIGNED_FLAG;
return f;
}
int
main() {
init();
create_embedded_thd(0);
std::string key = "key";
Create_field *cf = getUnsignedIntField();
RND_int* ri = new RND_int(*cf, key);
Item* plain = getItemInt("123");
Item* enc = ri->encrypt(*plain,0u);
Item* dec = ri->decrypt(*enc,0u);
(void)dec;
return 0;
}
//main/schema.cc:83 is use to create layers of encryption
debug/test_layer_RND_str.cc 0 → 100644
View file @ d3bc7806
#include "parser/sql_utils.hh"
#include <stdlib.h>
#include <stdio.h>
#include <string>
#include <map>
#include <iostream>
#include <fstream>
#include <sstream>
#include <vector>
#include <algorithm>
#include "main/CryptoHandlers.hh"
#include "wrapper/reuse.hh"
#include "wrapper/common.hh"
#include "wrapper/insert_lib.hh"
#include "util/constants.hh"
#include "util/timer.hh"
#include "util/log.hh"
#include "util/onions.hh"
using std::cout;
using std::cin;
using std::endl;
using std::vector;
using std::string;
using std::to_string;
static std::string embeddedDir="/t/cryt/shadow";
static std::map<std::string, WrapperState*> clients;
//This connection mimics the behaviour of MySQL-Proxy
Connect *globalConn;
/*for each field, convert the format to FieldMeta_Wrapper*/
static void init(){
std::string client="192.168.1.1:1234";
//one Wrapper per user.
clients[client] = new WrapperState();
//Connect phase
ConnectionInfo ci("localhost", "root", "letmein",3306);
const std::string master_key = "113341234";
char *buffer;
if((buffer = getcwd(NULL, 0)) == NULL){
perror("getcwd error");
}
embeddedDir = std::string(buffer)+"/shadow";
SharedProxyState *shared_ps =
new SharedProxyState(ci, embeddedDir , master_key,
determineSecurityRating());
assert(0 == mysql_thread_init());
//we init embedded database here.
clients[client]->ps = std::unique_ptr<ProxyState>(new ProxyState(*shared_ps));
clients[client]->ps->safeCreateEmbeddedTHD();
//Connect end!!
globalConn = new Connect(ci.server, ci.user, ci.passwd, ci.port);
}
static
Item *
getItemString(std::string input) {
return MySQLFieldTypeToItem(MYSQL_TYPE_STRING, input);
}
/*
static
Item *
getItemInt(std::string input) {
return new (current_thd->mem_root)
Item_int(static_cast<ulonglong>(valFromStr(input)));
}
static
Item *
getItemString(std::string input) {
return MySQLFieldTypeToItem(MYSQL_TYPE_STRING, input);
}
static
Create_field* getStringField(int length) {
Create_field *f = new Create_field;
f->sql_type = MYSQL_TYPE_VARCHAR;
f->length = length;
return f;
}
static
Create_field* getUnsignedIntField(){
Create_field *f = new Create_field;
f->sql_type = MYSQL_TYPE_LONG;
f->flags |= UNSIGNED_FLAG;
return f;
}
*/
int
main() {
init();
create_embedded_thd(0);
std::string key = "key";
Create_field *cf = NULL;
RND_str* rs = new RND_str(*cf, key);
Item* plain = getItemString("helloworld");
Item* enc = rs->encrypt(*plain,0u);
Item* dec = rs->decrypt(*enc,0u);
(void)dec;
return 0;
}
//main/schema.cc:83 is use to create layers of encryption
debug/test_layer_SWP.cc 0 → 100644
View file @ d3bc7806
#include "parser/sql_utils.hh"
#include <stdlib.h>
#include <stdio.h>
#include <string>
#include <map>
#include <iostream>
#include <fstream>
#include <sstream>
#include <vector>
#include <algorithm>
#include "main/CryptoHandlers.hh"
#include "wrapper/reuse.hh"
#include "wrapper/common.hh"
#include "wrapper/insert_lib.hh"
#include "util/constants.hh"
#include "util/timer.hh"
#include "util/log.hh"
#include "util/onions.hh"
using std::cout;
using std::cin;
using std::endl;
using std::vector;
using std::string;
using std::to_string;
static std::string embeddedDir="/t/cryt/shadow";
static std::map<std::string, WrapperState*> clients;
//This connection mimics the behaviour of MySQL-Proxy
Connect *globalConn;
/*for each field, convert the format to FieldMeta_Wrapper*/
static void init(){
std::string client="192.168.1.1:1234";
//one Wrapper per user.
clients[client] = new WrapperState();
//Connect phase
ConnectionInfo ci("localhost", "root", "letmein",3306);
const std::string master_key = "113341234";
char *buffer;
if((buffer = getcwd(NULL, 0)) == NULL){
perror("getcwd error");
}
embeddedDir = std::string(buffer)+"/shadow";
SharedProxyState *shared_ps =
new SharedProxyState(ci, embeddedDir , master_key,
determineSecurityRating());
assert(0 == mysql_thread_init());
//we init embedded database here.
clients[client]->ps = std::unique_ptr<ProxyState>(new ProxyState(*shared_ps));
clients[client]->ps->safeCreateEmbeddedTHD();
//Connect end!!
globalConn = new Connect(ci.server, ci.user, ci.passwd, ci.port);
}
static
Item *
getItemString(std::string input) {
return MySQLFieldTypeToItem(MYSQL_TYPE_STRING, input);
}
/*
static
Item *
getItemInt(std::string input) {
return new (current_thd->mem_root)
Item_int(static_cast<ulonglong>(valFromStr(input)));
}
static
Item *
getItemString(std::string input) {
return MySQLFieldTypeToItem(MYSQL_TYPE_STRING, input);
}
static
Create_field* getStringField(int length) {
Create_field *f = new Create_field;
f->sql_type = MYSQL_TYPE_VARCHAR;
f->length = length;
return f;
}
static
Create_field* getUnsignedIntField(){
Create_field *f = new Create_field;
f->sql_type = MYSQL_TYPE_LONG;
f->flags |= UNSIGNED_FLAG;
return f;
}
*/
int
main() {
init();
create_embedded_thd(0);
std::string key = "key";
Create_field *cf = NULL;
Search* sw = new Search(*cf, key);
Item* plain = getItemString("helloworld");
Item* enc = sw->encrypt(*plain,0u);
// Item* dec = ds->decrypt(*enc,0u);
(void)enc;
return 0;
}
//main/schema.cc:83 is use to create layers of encryption
main/CryptoHandlers.cc
View file @ d3bc7806
...@@ -270,7 +270,7 @@ EncLayerFactory::serializeLayer(EncLayer * el, DBMeta *parent) { ...@@ -270,7 +270,7 @@ EncLayerFactory::serializeLayer(EncLayer * el, DBMeta *parent) {
/* ========================= other helpers ============================*/ /* ========================= other helpers ============================*/
static
std::string prng_expand(const std::string &seed_key, uint key_bytes) std::string prng_expand(const std::string &seed_key, uint key_bytes)
{ {
streamrng<arc4> prng(seed_key); streamrng<arc4> prng(seed_key);
...@@ -343,33 +343,8 @@ rangeCheck(uint64_t value, std::pair<int64_t, uint64_t> inclusiveRange) ...@@ -343,33 +343,8 @@ rangeCheck(uint64_t value, std::pair<int64_t, uint64_t> inclusiveRange)
return b && value <= maximum; return b && value <= maximum;
} }
class CryptedInteger {
public:
CryptedInteger(const Create_field &cf, const std::string &key)
: key(key), field_type(cf.sql_type),
inclusiveRange(supportsRange(cf)) {}
static CryptedInteger
deserialize(const std::string &serial);
CryptedInteger(const std::string &key, enum enum_field_types type,
std::pair<int64_t, uint64_t> range)
: key(key), field_type(type), inclusiveRange(range) {}
std::string serialize() const;
void checkValue(uint64_t value) const;
std::string getKey() const {return key;}
enum enum_field_types getFieldType() const {return field_type;}
std::pair<int64_t, uint64_t> getInclusiveRange() const
{ return inclusiveRange; }
private:
const std::string key;
const enum enum_field_types field_type;
const std::pair<int64_t, uint64_t> inclusiveRange;
};
CryptedInteger
static CryptedInteger
overrideCreateFieldCryptedIntegerFactory(const Create_field &cf, overrideCreateFieldCryptedIntegerFactory(const Create_field &cf,
const std::string &key, const std::string &key,
signage s, signage s,
...@@ -447,58 +422,7 @@ CryptedInteger::serialize() const ...@@ -447,58 +422,7 @@ CryptedInteger::serialize() const
/*********************** RND ************************************************/ /*********************** RND ************************************************/
class RND_int : public EncLayer {
public:
RND_int(const Create_field &cf, const std::string &seed_key);
RND_int(unsigned int id, const CryptedInteger &cinteger);
std::string doSerialize() const;
static std::unique_ptr<RND_int>
deserialize(unsigned int id, const std::string &serial);
SECLEVEL level() const {return SECLEVEL::RND;}
std::string name() const {return "RND_int";}
Create_field * newCreateField(const Create_field &cf,
const std::string &anonname = "")
const;
Item *encrypt(const Item &ptext, uint64_t IV) const;
Item *decrypt(const Item &ctext, uint64_t IV) const;
Item * decryptUDF(Item * const col, Item * const ivcol) const;
private:
const CryptedInteger cinteger;
blowfish const bf;
static int const key_bytes = 16;
};
class RND_str : public EncLayer {
public:
RND_str(const Create_field &cf, const std::string &seed_key);
// serialize and deserialize
std::string doSerialize() const {return rawkey;}
RND_str(unsigned int id, const std::string &serial);
SECLEVEL level() const {return SECLEVEL::RND;}
std::string name() const {return "RND_str";}
Create_field * newCreateField(const Create_field &cf,
const std::string &anonname = "")
const;
Item * encrypt(const Item &ptext, uint64_t IV) const;
Item * decrypt(const Item &ctext, uint64_t IV) const;
Item * decryptUDF(Item * const col, Item * const ivcol) const;
private:
const std::string rawkey;
static const int key_bytes = 16;
static const bool do_pad = true;
const std::unique_ptr<const AES_KEY> enckey;
const std::unique_ptr<const AES_KEY> deckey;
};
static unsigned long long static unsigned long long
strtoul_(const std::string &s) strtoul_(const std::string &s)
...@@ -709,62 +633,6 @@ RND_str::decryptUDF(Item * const col, Item * const ivcol) const ...@@ -709,62 +633,6 @@ RND_str::decryptUDF(Item * const col, Item * const ivcol) const
/********** DET ************************/ /********** DET ************************/
class DET_abstract_integer : public EncLayer {
public:
DET_abstract_integer() : EncLayer() {}
DET_abstract_integer(unsigned int id)
: EncLayer(id) {}
virtual std::string name() const = 0;
virtual SECLEVEL level() const = 0;
std::string doSerialize() const;
template <typename Type>
static std::unique_ptr<Type>
deserialize(unsigned int id, const std::string &serial);
Create_field *newCreateField(const Create_field &cf,
const std::string &anonname = "")
const;
// FIXME: final
Item *encrypt(const Item &ptext, uint64_t IV) const;
Item *decrypt(const Item &ctext, uint64_t IV) const;
Item *decryptUDF(Item *const col, Item *const ivcol = NULL) const;
protected:
static const int bf_key_size = 16;
private:
std::string getKeyFromSerial(const std::string &serial);
virtual const CryptedInteger &getCInteger_() const = 0;
virtual const blowfish &getBlowfish_() const = 0;
};
class DET_int : public DET_abstract_integer {
public:
DET_int(const Create_field &cf, const std::string &seed_key)
: DET_abstract_integer(),
cinteger(overrideCreateFieldCryptedIntegerFactory(cf,
prng_expand(seed_key, bf_key_size),
signage::UNSIGNED,
MYSQL_TYPE_LONGLONG)),
bf(cinteger.getKey()) {}
// create object from serialized contents
DET_int(unsigned int id, const CryptedInteger &cinteger)
: DET_abstract_integer(id), cinteger(cinteger), bf(cinteger.getKey()) {}
virtual SECLEVEL level() const {return SECLEVEL::DET;}
std::string name() const {return "DET_int";}
private:
const CryptedInteger cinteger;
const blowfish bf;
const CryptedInteger &getCInteger_() const {return cinteger;}
const blowfish &getBlowfish_() const {return bf;}
};
static udf_func u_decDETInt = { static udf_func u_decDETInt = {
LEXSTRING("cryptdb_decrypt_int_det"), LEXSTRING("cryptdb_decrypt_int_det"),
...@@ -780,29 +648,6 @@ static udf_func u_decDETInt = { ...@@ -780,29 +648,6 @@ static udf_func u_decDETInt = {
0L, 0L,
}; };
class DET_str : public EncLayer {
public:
DET_str(const Create_field &cf, const std::string &seed_key);
// serialize and deserialize
std::string doSerialize() const {return rawkey;}
DET_str(unsigned int id, const std::string &serial);
virtual SECLEVEL level() const {return SECLEVEL::DET;}
std::string name() const {return "DET_str";}
Create_field * newCreateField(const Create_field &cf,
const std::string &anonname = "")
const;
Item *encrypt(const Item &ptext, uint64_t IV) const;
Item *decrypt(const Item &ctext, uint64_t IV) const;
Item * decryptUDF(Item * const col, Item * const ivcol = NULL) const;
protected:
const std::string rawkey;
static const int key_bytes = 16;
static const bool do_pad = true;
const std::unique_ptr<const AES_KEY> enckey;
const std::unique_ptr<const AES_KEY> deckey;
};
std::unique_ptr<EncLayer> std::unique_ptr<EncLayer>
...@@ -1059,35 +904,6 @@ DETJOINFactory::deserialize(unsigned int id, const SerialLayer &sl) ...@@ -1059,35 +904,6 @@ DETJOINFactory::deserialize(unsigned int id, const SerialLayer &sl)
/**************** OPE **************************/ /**************** OPE **************************/
class OPE_int : public EncLayer {
public:
OPE_int(const Create_field &cf, const std::string &seed_key);
OPE_int(unsigned int id, const CryptedInteger &cinteger,
size_t plain_size, size_t ciph_size);
CryptedInteger opeHelper(const Create_field &f,
const std::string &key);
SECLEVEL level() const {return SECLEVEL::OPE;}
std::string name() const {return "OPE_int";}
std::string doSerialize() const;
static std::unique_ptr<OPE_int>
deserialize(unsigned int id, const std::string &serial);
Create_field * newCreateField(const Create_field &cf,
const std::string &anonname = "")
const;
Item *encrypt(const Item &p, uint64_t IV) const;
Item *decrypt(const Item &c, uint64_t IV) const;
private:
const CryptedInteger cinteger;
static const size_t key_bytes = 16;
const size_t plain_size;
const size_t ciph_size;
mutable OPE ope; // HACK
};
class OPEFOREIGN_int:public OPE_int{ class OPEFOREIGN_int:public OPE_int{
public: public:
...@@ -1101,32 +917,7 @@ public: ...@@ -1101,32 +917,7 @@ public:
}; };
class OPE_str : public EncLayer {
public:
OPE_str(const Create_field &cf, const std::string &seed_key);
// serialize and deserialize
std::string doSerialize() const {return key;}
OPE_str(unsigned int id, const std::string &serial);
SECLEVEL level() const {return SECLEVEL::OPE;}
std::string name() const {return "OPE_str";}
Create_field * newCreateField(const Create_field &cf,
const std::string &anonname = "")
const;
Item *encrypt(const Item &p, uint64_t IV) const;
Item *decrypt(const Item &c, uint64_t IV) const
__attribute__((noreturn));
private:
const std::string key;
// HACK.
mutable OPE ope;
static const size_t key_bytes = 16;
static const size_t plain_size = 4;
static const size_t ciph_size = 8;
};
class OPEFOREIGN_str: public OPE_str{ class OPEFOREIGN_str: public OPE_str{
public: public:
......
main/CryptoHandlers.hh
View file @ d3bc7806
...@@ -20,6 +20,8 @@ ...@@ -20,6 +20,8 @@
#include <sql_insert.h> #include <sql_insert.h>
#include <sql_update.h> #include <sql_update.h>
#include "parser/mysql_type_metadata.hh"
/* Class hierarchy: /* Class hierarchy:
* EncLayer: * EncLayer:
...@@ -84,6 +86,65 @@ protected: ...@@ -84,6 +86,65 @@ protected:
friend class EncLayerFactory; friend class EncLayerFactory;
}; };
class DET_str : public EncLayer {
public:
DET_str(const Create_field &cf, const std::string &seed_key);
// serialize and deserialize
std::string doSerialize() const {return rawkey;}
DET_str(unsigned int id, const std::string &serial);
virtual SECLEVEL level() const {return SECLEVEL::DET;}
std::string name() const {return "DET_str";}
Create_field * newCreateField(const Create_field &cf,
const std::string &anonname = "")
const;
Item *encrypt(const Item &ptext, uint64_t IV) const;
Item *decrypt(const Item &ctext, uint64_t IV) const;
Item * decryptUDF(Item * const col, Item * const ivcol = NULL) const;
protected:
const std::string rawkey;
static const int key_bytes = 16;
static const bool do_pad = true;
const std::unique_ptr<const AES_KEY> enckey;
const std::unique_ptr<const AES_KEY> deckey;
};
class RND_str : public EncLayer {
public:
RND_str(const Create_field &cf, const std::string &seed_key);
// serialize and deserialize
std::string doSerialize() const {return rawkey;}
RND_str(unsigned int id, const std::string &serial);
SECLEVEL level() const {return SECLEVEL::RND;}
std::string name() const {return "RND_str";}
Create_field * newCreateField(const Create_field &cf,
const std::string &anonname = "")
const;
Item * encrypt(const Item &ptext, uint64_t IV) const;
Item * decrypt(const Item &ctext, uint64_t IV) const;
Item * decryptUDF(Item * const col, Item * const ivcol) const;
private:
const std::string rawkey;
static const int key_bytes = 16;
static const bool do_pad = true;
const std::unique_ptr<const AES_KEY> enckey;
const std::unique_ptr<const AES_KEY> deckey;
};
class HOM : public EncLayer { class HOM : public EncLayer {
public: public:
HOM(const Create_field &cf, const std::string &seed_key); HOM(const Create_field &cf, const std::string &seed_key);
...@@ -204,10 +265,183 @@ public: ...@@ -204,10 +265,183 @@ public:
std::string doSerialize() const; std::string doSerialize() const;
}; };
class CryptedInteger {
public:
CryptedInteger(const Create_field &cf, const std::string &key)
: key(key), field_type(cf.sql_type),
inclusiveRange(supportsRange(cf)) {}
static CryptedInteger
deserialize(const std::string &serial);
CryptedInteger(const std::string &key, enum enum_field_types type,
std::pair<int64_t, uint64_t> range)
: key(key), field_type(type), inclusiveRange(range) {}
std::string serialize() const;
void checkValue(uint64_t value) const;
std::string getKey() const {return key;}
enum enum_field_types getFieldType() const {return field_type;}
std::pair<int64_t, uint64_t> getInclusiveRange() const
{ return inclusiveRange; }
private:
const std::string key;
const enum enum_field_types field_type;
const std::pair<int64_t, uint64_t> inclusiveRange;
};
CryptedInteger
overrideCreateFieldCryptedIntegerFactory(const Create_field &cf,
const std::string &key,
signage s,
enum enum_field_types field_type);
class DET_abstract_integer : public EncLayer {
public:
DET_abstract_integer() : EncLayer() {}
DET_abstract_integer(unsigned int id)
: EncLayer(id) {}
virtual std::string name() const = 0;
virtual SECLEVEL level() const = 0;
std::string doSerialize() const;
template <typename Type>
static std::unique_ptr<Type>
deserialize(unsigned int id, const std::string &serial);
Create_field *newCreateField(const Create_field &cf,
const std::string &anonname = "")
const;
// FIXME: final
Item *encrypt(const Item &ptext, uint64_t IV) const;
Item *decrypt(const Item &ctext, uint64_t IV) const;
Item *decryptUDF(Item *const col, Item *const ivcol = NULL) const;
protected:
static const int bf_key_size = 16;
private:
std::string getKeyFromSerial(const std::string &serial);
virtual const CryptedInteger &getCInteger_() const = 0;
virtual const blowfish &getBlowfish_() const = 0;
};
std::string prng_expand(const std::string &seed_key, uint key_bytes);
class DET_int : public DET_abstract_integer {
public:
DET_int(const Create_field &cf, const std::string &seed_key)
: DET_abstract_integer(),
cinteger(overrideCreateFieldCryptedIntegerFactory(cf,
prng_expand(seed_key, bf_key_size),
signage::UNSIGNED,
MYSQL_TYPE_LONGLONG)),
bf(cinteger.getKey()) {}
// create object from serialized contents
DET_int(unsigned int id, const CryptedInteger &cinteger)
: DET_abstract_integer(id), cinteger(cinteger), bf(cinteger.getKey()) {}
virtual SECLEVEL level() const {return SECLEVEL::DET;}
std::string name() const {return "DET_int";}
private:
const CryptedInteger cinteger;
const blowfish bf;
const CryptedInteger &getCInteger_() const {return cinteger;}
const blowfish &getBlowfish_() const {return bf;}
};
class OPE_str : public EncLayer {
public:
OPE_str(const Create_field &cf, const std::string &seed_key);
// serialize and deserialize
std::string doSerialize() const {return key;}
OPE_str(unsigned int id, const std::string &serial);
SECLEVEL level() const {return SECLEVEL::OPE;}
std::string name() const {return "OPE_str";}
Create_field * newCreateField(const Create_field &cf,
const std::string &anonname = "")
const;
Item *encrypt(const Item &p, uint64_t IV) const;
Item *decrypt(const Item &c, uint64_t IV) const
__attribute__((noreturn));
private:
const std::string key;
// HACK.
mutable OPE ope;
static const size_t key_bytes = 16;
static const size_t plain_size = 4;
static const size_t ciph_size = 8;
};
class OPE_int : public EncLayer {
public:
OPE_int(const Create_field &cf, const std::string &seed_key);
OPE_int(unsigned int id, const CryptedInteger &cinteger,
size_t plain_size, size_t ciph_size);
CryptedInteger opeHelper(const Create_field &f,
const std::string &key);
SECLEVEL level() const {return SECLEVEL::OPE;}
std::string name() const {return "OPE_int";}
std::string doSerialize() const;
static std::unique_ptr<OPE_int>
deserialize(unsigned int id, const std::string &serial);
Create_field * newCreateField(const Create_field &cf,
const std::string &anonname = "")
const;
Item *encrypt(const Item &p, uint64_t IV) const;
Item *decrypt(const Item &c, uint64_t IV) const;
private:
const CryptedInteger cinteger;
static const size_t key_bytes = 16;
const size_t plain_size;
const size_t ciph_size;
mutable OPE ope; // HACK
};
class RND_int : public EncLayer {
public:
RND_int(const Create_field &cf, const std::string &seed_key);
RND_int(unsigned int id, const CryptedInteger &cinteger);
std::string doSerialize() const;
static std::unique_ptr<RND_int>
deserialize(unsigned int id, const std::string &serial);
SECLEVEL level() const {return SECLEVEL::RND;}
std::string name() const {return "RND_int";}
Create_field * newCreateField(const Create_field &cf,
const std::string &anonname = "")
const;
Item *encrypt(const Item &ptext, uint64_t IV) const;
Item *decrypt(const Item &ctext, uint64_t IV) const;
Item * decryptUDF(Item * const col, Item * const ivcol) const;
private:
const CryptedInteger cinteger;
blowfish const bf;
static int const key_bytes = 16;
};
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment