kou commented on code in PR #45695:
URL: https://github.com/apache/arrow/pull/45695#discussion_r1994578129
##########
cpp/src/gandiva/encrypt_utils.cc:
##########
@@ -17,21 +17,41 @@
#include "gandiva/encrypt_utils.h"
+#include <sstream>
#include <stdexcept>
+namespace {
+const EVP_CIPHER* get_cipher_algo(int32_t key_length) {
+ switch (key_length) {
+ case 16:
+ return EVP_aes_128_ecb();
+ case 24:
+ return EVP_aes_192_ecb();
+ case 32:
+ return EVP_aes_256_ecb();
+ default: {
+ std::ostringstream oss;
+ oss << "unsupported key length: " << key_length;
+ throw std::runtime_error(oss.str());
+ }
+ }
+}
+} // namespace
+
namespace gandiva {
GANDIVA_EXPORT
int32_t aes_encrypt(const char* plaintext, int32_t plaintext_len, const char*
key,
- unsigned char* cipher) {
+ int32_t key_len, unsigned char* cipher) {
int32_t cipher_len = 0;
int32_t len = 0;
EVP_CIPHER_CTX* en_ctx = EVP_CIPHER_CTX_new();
+ const EVP_CIPHER* cipher_algo = get_cipher_algo(key_len);
if (!en_ctx) {
throw std::runtime_error("could not create a new evp cipher ctx for
encryption");
}
- if (!EVP_EncryptInit_ex(en_ctx, EVP_aes_128_ecb(), nullptr,
+ if (!EVP_EncryptInit_ex(en_ctx, cipher_algo, nullptr,
reinterpret_cast<const unsigned char*>(key),
nullptr)) {
throw std::runtime_error("could not initialize evp cipher ctx for
encryption");
Review Comment:
This is not related to this PR but it seems that we need to call
`EVP_CIPHER_CTX_free(en_ctx)` on error.
(We can work on this as a follow-up task. We can use RAII for it.)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: github-unsubscr...@arrow.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
