parquet/encryption/test_encryption_util.h

0001 // Licensed to the Apache Software Foundation (ASF) under one
0002 // or more contributor license agreements.  See the NOTICE file
0003 // distributed with this work for additional information
0004 // regarding copyright ownership.  The ASF licenses this file
0005 // to you under the Apache License, Version 2.0 (the
0006 // "License"); you may not use this file except in compliance
0007 // with the License.  You may obtain a copy of the License at
0008 //
0009 //   http://www.apache.org/licenses/LICENSE-2.0
0010 //
0011 // Unless required by applicable law or agreed to in writing,
0012 // software distributed under the License is distributed on an
0013 // "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
0014 // KIND, either express or implied.  See the License for the
0015 // specific language governing permissions and limitations
0016 // under the License.
0017
0018 // This module defines an abstract interface for iterating through pages in a
0019 // Parquet column chunk within a row group. It could be extended in the future
0020 // to iterate through all data pages in all chunks in a file.
0021
0022 #pragma once
0023
0024 #include <memory>
0025 #include <string>
0026 #include <unordered_map>
0027
0028 #include <gtest/gtest.h>
0029
0030 #include "arrow/filesystem/filesystem.h"
0031 #include "arrow/filesystem/localfs.h"
0032 #include "arrow/status.h"
0033 #include "arrow/util/io_util.h"
0034 #include "arrow/util/secure_string.h"
0035
0036 #include "parquet/encryption/encryption.h"
0037 #include "parquet/test_util.h"
0038
0039 namespace parquet {
0040 class ParquetFileReader;
0041 namespace encryption::test {
0042
0043 using ::arrow::internal::TemporaryDir;
0044 using ::arrow::util::SecureString;
0045
0046 constexpr int kFixedLength = 10;
0047
0048 const SecureString kFooterEncryptionKey("0123456789012345");
0049 const SecureString kColumnEncryptionKey1("1234567890123450");
0050 const SecureString kColumnEncryptionKey2("1234567890123451");
0051 const char kFileName[] = "tester";
0052
0053 // Get the path of file inside parquet test data directory
0054 std::string data_file(const char* file);
0055
0056 // A temporary directory that contains the encrypted files generated in the tests.
0057 extern std::unique_ptr<TemporaryDir> temp_dir;
0058
0059 inline ::arrow::Result<std::unique_ptr<TemporaryDir>> temp_data_dir() {
0060   return TemporaryDir::Make("parquet-encryption-test-");
0061 }
0062
0063 const char kDoubleFieldName[] = "double_field";
0064 const char kFloatFieldName[] = "float_field";
0065 const char kBooleanFieldName[] = "boolean_field";
0066 const char kInt32FieldName[] = "int32_field";
0067 const char kInt64FieldName[] = "int64_field";
0068 const char kInt96FieldName[] = "int96_field";
0069 const char kByteArrayFieldName[] = "ba_field";
0070 const char kFixedLenByteArrayFieldName[] = "flba_field";
0071
0072 const char kFooterMasterKey[] = "0123456789012345";
0073 const char kFooterMasterKeyId[] = "kf";
0074 const char* const kColumnMasterKeys[] = {"1234567890123450", "1234567890123451",
0075                                          "1234567890123452", "1234567890123453",
0076                                          "1234567890123454", "1234567890123455"};
0077 const char* const kColumnMasterKeyIds[] = {"kc1", "kc2", "kc3", "kc4", "kc5", "kc6"};
0078
0079 // New master key values used to simulate key rotation
0080 const char kNewFooterMasterKey[] = "9123456789012345";
0081 const char* const kNewColumnMasterKeys[] = {"9234567890123450", "9234567890123451",
0082                                             "9234567890123452", "9234567890123453",
0083                                             "9234567890123454", "9234567890123455"};
0084
0085 // The result of this function will be used to set into TestOnlyInMemoryKmsClientFactory
0086 // as the key mapping to look at.
0087 std::unordered_map<std::string, SecureString> BuildKeyMap(const char* const* column_ids,
0088                                                           const char* const* column_keys,
0089                                                           const char* footer_id,
0090                                                           const char* footer_key);
0091
0092 // The result of this function will be used to set into EncryptionConfiguration
0093 // as column keys.
0094 std::string BuildColumnKeyMapping();
0095
0096 // FileEncryptor and FileDecryptor are helper classes to write/read an encrypted parquet
0097 // file corresponding to each pair of FileEncryptionProperties/FileDecryptionProperties.
0098 // FileEncryptor writes the file with fixed data values and FileDecryptor reads the file
0099 // and verify the correctness of data values.
0100 class FileEncryptor {
0101  public:
0102   FileEncryptor();
0103
0104   void EncryptFile(
0105       std::string file,
0106       std::shared_ptr<parquet::FileEncryptionProperties> encryption_configurations);
0107
0108  private:
0109   std::shared_ptr<schema::GroupNode> SetupEncryptionSchema();
0110
0111   int num_rowgroups_ = 5;
0112   int rows_per_rowgroup_ = 50;
0113   std::shared_ptr<schema::GroupNode> schema_;
0114 };
0115
0116 class FileDecryptor {
0117  public:
0118   void DecryptFile(
0119       const std::string& file_name,
0120       const std::shared_ptr<FileDecryptionProperties>& file_decryption_properties);
0121   void DecryptPageIndex(
0122       const std::string& file_name,
0123       const std::shared_ptr<FileDecryptionProperties>& file_decryption_properties);
0124
0125  private:
0126   void CheckFile(
0127       parquet::ParquetFileReader* file_reader,
0128       const std::shared_ptr<FileDecryptionProperties>& file_decryption_properties);
0129   void CheckPageIndex(
0130       parquet::ParquetFileReader* file_reader,
0131       const std::shared_ptr<FileDecryptionProperties>& file_decryption_properties);
0132 };
0133
0134 }  // namespace encryption::test
0135 }  // namespace parquet