pitrou commented on code in PR #48859:
URL: https://github.com/apache/arrow/pull/48859#discussion_r2707611800


##########
cpp/src/parquet/metadata.cc:
##########
@@ -834,6 +834,43 @@ class FileMetaData::FileMetaDataImpl {
                   tag, encryption::kGcmTagLength);
   }
 
+  bool VerifySignature(std::span<const uint8_t> serialized_metadata,
+                       std::span<const uint8_t> signature) {
+    // Verify decryption properties are set
+    if (file_decryptor_ == nullptr) {
+      throw ParquetException("Decryption not set properly. cannot verify 
signature");
+    }
+
+    if (signature.size() != encryption::kGcmTagLength + 
encryption::kNonceLength) {
+      throw ParquetInvalidOrCorruptedFileException(
+          "Invalid footer encryption signature (expected ",
+          encryption::kGcmTagLength + encryption::kNonceLength, " bytes, got ",
+          signature.size(), ")");
+    }
+
+    // Encrypt plaintext serialized metadata so as to compute its signature
+    auto nonce = signature.subspan(0, encryption::kNonceLength);
+    auto tag = signature.subspan(encryption::kNonceLength);
+    const SecureString& key = file_decryptor_->GetFooterKey();
+    const std::string& aad = 
encryption::CreateFooterAad(file_decryptor_->file_aad());
+
+    auto aes_encryptor = 
encryption::AesEncryptor::Make(file_decryptor_->algorithm(),
+                                                        
static_cast<int>(key.size()),
+                                                        true, false 
/*write_length*/);
+
+    std::shared_ptr<Buffer> encrypted_buffer =
+        AllocateBuffer(file_decryptor_->pool(),
+                       
aes_encryptor->CiphertextLength(serialized_metadata.size()));
+    int32_t encrypted_len = aes_encryptor->SignedFooterEncrypt(
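
Review bot: In the `encryption::AesEncryptor::Make(...)` call, `true, false /*write_length*/` labels only the second boolean, so a reader cannot tell what `true` selects without looking up the signature; annotate the first argument the same way as `write_length`. The null-decryptor message "Decryption not set properly. cannot verify signature" starts its second sentence in lower case and would read better as one sentence. The quoted hunk stops at the `SignedFooterEncrypt(` call, so the comparison of the recomputed tag against `tag` is not visible here and still needs to be checked against the rest of the function.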

Review Comment:
   To quote [the spec about plaintext footers](https://github.com/apache/parquet-format/blob/master/Encryption.md#55-plaintext-footer-mode):
   
   > The footer signing is done by encrypting the serialized FileMetaData structure with the AES GCM algorithm - using a footer signing key, and an AAD constructed according to the instructions of the section 4.4. Only the nonce and GCM tag are stored in the file – as a 28-byte fixed-length array, written right after the footer itself.


