Autonomy Software C++ 24.5.1
Welcome to the Autonomy Software repository of the Mars Rover Design Team (MRDT) at Missouri University of Science and Technology (Missouri S&T)! API reference contains the source code and other resources for the development of the autonomy software for our Mars rover. The Autonomy Software project aims to compete in the University Rover Challenge (URC) by demonstrating advanced autonomous capabilities and robust navigation algorithms.
Loading...
Searching...
No Matches
Static Public Member Functions | List of all members
duckdb::EncryptionEngine Class Reference

Static Public Member Functions

static const_data_ptr_t GetKeyFromCache (DatabaseInstance &db, const string &key_name)
 General key management wrapper functions.
 
static bool ContainsKey (DatabaseInstance &db, const string &key_name)
 
static void AddKeyToCache (DatabaseInstance &db, data_ptr_t key, const string &key_name, bool wipe=true)
 
static string AddKeyToCache (DatabaseInstance &db, data_ptr_t key)
 
static void AddTempKeyToCache (DatabaseInstance &db)
 
static void EncryptBlock (AttachedDatabase &attached_db, const string &key_id, FileBuffer &block, FileBuffer &temp_buffer_manager, uint64_t delta)
 Encryption Functions.
 
static void DecryptBlock (AttachedDatabase &attached_db, const string &key_id, data_ptr_t internal_buffer, uint64_t block_size, uint64_t delta)
 
static void EncryptTemporaryBuffer (DatabaseInstance &db, data_ptr_t buffer, idx_t buffer_size, data_ptr_t metadata)
 
static void DecryptTemporaryBuffer (DatabaseInstance &db, data_ptr_t buffer, idx_t buffer_size, data_ptr_t metadata)
 

Constructor & Destructor Documentation

◆ EncryptionEngine()

duckdb::EncryptionEngine::EncryptionEngine ( )
51882 {
51883}

◆ ~EncryptionEngine()

duckdb::EncryptionEngine::~EncryptionEngine ( )
51885 {
51886}

Member Function Documentation

◆ GetKeyFromCache()

const_data_ptr_t duckdb::EncryptionEngine::GetKeyFromCache ( DatabaseInstance db,
const string &  key_name 
)
static

General key management wrapper functions.

51888 {
51889 auto &keys = EncryptionKeyManager::Get(db);
51890 return keys.GetKey(key_name);
51891}
Here is the caller graph for this function:

◆ ContainsKey()

bool duckdb::EncryptionEngine::ContainsKey ( DatabaseInstance db,
const string &  key_name 
)
static
51893 {
51894 auto &keys = EncryptionKeyManager::Get(db);
51895 return keys.HasKey(key_name);
51896}

◆ AddKeyToCache() [1/2]

void duckdb::EncryptionEngine::AddKeyToCache ( DatabaseInstance db,
data_ptr_t  key,
const string &  key_name,
bool  wipe = true 
)
static
51898 {
51899 auto &keys = EncryptionKeyManager::Get(db);
51900 if (!keys.HasKey(key_name)) {
51901 keys.AddKey(key_name, key);
51902 } else {
51903 duckdb_mbedtls::MbedTlsWrapper::AESStateMBEDTLS::SecureClearData(key,
51904 MainHeader::DEFAULT_ENCRYPTION_KEY_LENGTH);
51905 }
51906}
duckdb::MainHeader::DEFAULT_ENCRYPTION_KEY_LENGTH
static constexpr uint64_t DEFAULT_ENCRYPTION_KEY_LENGTH
The encryption key length.
Definition duckdb.hpp:9749

◆ AddKeyToCache() [2/2]

string duckdb::EncryptionEngine::AddKeyToCache ( DatabaseInstance db,
data_ptr_t  key 
)
static
51908 {
51909 auto &keys = EncryptionKeyManager::Get(db);
51910 const auto key_id = keys.GenerateRandomKeyID();
51911
51912 if (!keys.HasKey(key_id)) {
51913 keys.AddKey(key_id, key);
51914 } else {
51915 duckdb_mbedtls::MbedTlsWrapper::AESStateMBEDTLS::SecureClearData(key,
51916 MainHeader::DEFAULT_ENCRYPTION_KEY_LENGTH);
51917 }
51918
51919 return key_id;
51920}

◆ AddTempKeyToCache()

void duckdb::EncryptionEngine::AddTempKeyToCache ( DatabaseInstance db)
static

Add a temporary key to the cache

51922 {
51924 const auto length = MainHeader::DEFAULT_ENCRYPTION_KEY_LENGTH;
51925 data_t temp_key[length];
51926
51927 // we cannot generate temporary keys with read-only enabled
51928 auto metadata = make_uniq<EncryptionStateMetadata>(EncryptionTypes::GCM, length, EncryptionTypes::V0_1);
51929 auto encryption_state = db.GetEncryptionUtil(false)->CreateEncryptionState(std::move(metadata));
51930 encryption_state->GenerateRandomData(temp_key, length);
51931
51932 string key_id = "temp_key";
51933 AddKeyToCache(db, temp_key, key_id);
51934}
db
db
duckdb::data_t
uint8_t data_t
data pointers
Definition duckdb.hpp:246
Here is the caller graph for this function:

◆ EncryptBlock()

void duckdb::EncryptionEngine::EncryptBlock ( AttachedDatabase attached_db,
const string &  key_id,
FileBuffer block,
FileBuffer temp_buffer_manager,
uint64_t  delta 
)
static

Encryption Functions.

store the nonce at the start of the block

encrypt the data including the checksum

Finalize and extract the tag

store the generated tag behind the nonce (but still at the beginning of the block)

51937 {
51938 auto &db = attached_db.GetDatabase();
51939 data_ptr_t block_offset_internal = temp_buffer_manager.InternalBuffer();
51940 auto encrypt_key = GetKeyFromCache(db, key_id);
51941 auto version = attached_db.GetStorageManager().GetEncryptionVersion();
51942 auto cipher = attached_db.GetStorageManager().GetCipher();
51943 auto metadata = make_uniq<EncryptionStateMetadata>(cipher, MainHeader::DEFAULT_ENCRYPTION_KEY_LENGTH, version);
51944 auto encryption_state = db.GetEncryptionUtil(attached_db.IsReadOnly())->CreateEncryptionState(std::move(metadata));
51945
51946 EncryptionTag tag;
51947 EncryptionNonce nonce(cipher, version);
51948 encryption_state->GenerateRandomData(nonce.data(), nonce.size());
51949
51951 memcpy(block_offset_internal, nonce.data(), nonce.size());
51952 encryption_state->InitializeEncryption(nonce, encrypt_key);
51953
51954 auto checksum_offset = block.InternalBuffer() + delta;
51955 auto encryption_checksum_offset = block_offset_internal + delta;
51956 auto size = block.size + Storage::DEFAULT_BLOCK_HEADER_SIZE;
51957
51959 auto aes_res = encryption_state->Process(checksum_offset, size, encryption_checksum_offset, size);
51960
51961 if (aes_res != size) {
51962 throw IOException("Block encryption failure: in- and output size differ (%llu/%llu)", size, aes_res);
51963 }
51964
51966 encryption_state->Finalize(block.InternalBuffer() + delta, 0, tag.data(), tag.size());
51967
51969 memcpy(block_offset_internal + nonce.size(), tag.data(), tag.size());
51970}
duckdb::EncryptionEngine::GetKeyFromCache
static const_data_ptr_t GetKeyFromCache(DatabaseInstance &db, const string &key_name)
General key management wrapper functions.
Definition duckdb.cpp:51888
size
GOpaque< Size > size(const GMat &src)
duckdb::Storage::DEFAULT_BLOCK_HEADER_SIZE
static constexpr idx_t DEFAULT_BLOCK_HEADER_SIZE
The default block header size for blocks written to storage.
Definition duckdb.hpp:9716
Here is the call graph for this function:

◆ DecryptBlock()

void duckdb::EncryptionEngine::DecryptBlock ( AttachedDatabase attached_db,
const string &  key_id,
data_ptr_t  internal_buffer,
uint64_t  block_size,
uint64_t  delta 
)
static

initialize encryption state

load the stored nonce and tag

Initialize the decryption

decrypt the block including the checksum

check the tag

51973 {
51975 auto &db = attached_db.GetDatabase();
51976 auto version = attached_db.GetStorageManager().GetEncryptionVersion();
51977 auto cipher = attached_db.GetStorageManager().GetCipher();
51978 auto metadata = make_uniq<EncryptionStateMetadata>(cipher, MainHeader::DEFAULT_ENCRYPTION_KEY_LENGTH, version);
51979 auto decrypt_key = GetKeyFromCache(db, key_id);
51980 auto encryption_state = db.GetEncryptionUtil(attached_db.IsReadOnly())->CreateEncryptionState(std::move(metadata));
51981
51983 EncryptionTag tag;
51984 EncryptionNonce nonce(cipher, version);
51985 memcpy(nonce.data(), internal_buffer, nonce.size());
51986 memcpy(tag.data(), internal_buffer + nonce.size(), tag.size());
51987
51989 encryption_state->InitializeDecryption(nonce, decrypt_key);
51990
51991 auto checksum_offset = internal_buffer + delta;
51992 auto size = block_size + Storage::DEFAULT_BLOCK_HEADER_SIZE;
51993
51995 auto aes_res = encryption_state->Process(checksum_offset, size, checksum_offset, size);
51996
51997 if (aes_res != block_size + Storage::DEFAULT_BLOCK_HEADER_SIZE) {
51998 throw IOException("Block decryption failure: in- and output size differ (%llu/%llu)", size, aes_res);
51999 }
52000
52002 encryption_state->Finalize(internal_buffer + delta, 0, tag.data(), tag.size());
52003}
Here is the call graph for this function:

◆ EncryptTemporaryBuffer()

void duckdb::EncryptionEngine::EncryptTemporaryBuffer ( DatabaseInstance db,
data_ptr_t  buffer,
idx_t  buffer_size,
data_ptr_t  metadata 
)
static

store the nonce at the start of metadata buffer

Finalize and extract the tag

store the generated tag after consequetively the nonce

52006 {
52007 if (!ContainsKey(db, "temp_key")) {
52008 AddTempKeyToCache(db);
52009 }
52010
52011 auto temp_key = GetKeyFromCache(db, "temp_key");
52012 // we cannot encrypt temp buffers in read-only mode
52013 auto encryption_util = db.GetEncryptionUtil(false);
52014 // we hard-code GCM here for now, it's the safest and we don't know what is configured here
52015 auto state_metadata = make_uniq<EncryptionStateMetadata>(
52016 EncryptionTypes::GCM, MainHeader::DEFAULT_ENCRYPTION_KEY_LENGTH, EncryptionTypes::V0_1);
52017 auto encryption_state = encryption_util->CreateEncryptionState(std::move(state_metadata));
52018
52019 // zero-out the metadata buffer
52020 memset(metadata, 0, DEFAULT_ENCRYPTED_BUFFER_HEADER_SIZE);
52021
52022 EncryptionTag tag;
52023 EncryptionNonce nonce(EncryptionTypes::CipherType::GCM, EncryptionTypes::V0_1);
52024
52025 encryption_state->GenerateRandomData(nonce.data(), nonce.size());
52026
52028 memcpy(metadata, nonce.data(), nonce.size());
52029 encryption_state->InitializeEncryption(nonce, temp_key);
52030
52031 auto aes_res = encryption_state->Process(buffer, buffer_size, buffer, buffer_size);
52032
52033 if (aes_res != buffer_size) {
52034 throw IOException("Temporary buffer encryption failure: in- and output size differ (%llu/%llu)", buffer_size,
52035 aes_res);
52036 }
52037
52039 encryption_state->Finalize(buffer, 0, tag.data(), tag.size());
52040
52042 memcpy(metadata + nonce.size(), tag.data(), tag.size());
52043
52044 // check if tag is correctly stored
52045 D_ASSERT(memcmp(tag.data(), metadata + nonce.size(), tag.size()) == 0);
52046}
duckdb::EncryptionEngine::AddTempKeyToCache
static void AddTempKeyToCache(DatabaseInstance &db)
Definition duckdb.cpp:51922
Here is the call graph for this function:

◆ DecryptTemporaryBuffer()

void duckdb::EncryptionEngine::DecryptTemporaryBuffer ( DatabaseInstance db,
data_ptr_t  buffer,
idx_t  buffer_size,
data_ptr_t  metadata 
)
static

initialize encryption state

52070 {
52072 auto encryption_util = db.GetEncryptionUtil(false);
52073 auto temp_key = GetKeyFromCache(db, "temp_key");
52074 auto state_metadata = make_uniq<EncryptionStateMetadata>(
52075 EncryptionTypes::GCM, MainHeader::DEFAULT_ENCRYPTION_KEY_LENGTH, EncryptionTypes::EncryptionVersion::V0_1);
52076 auto encryption_state = encryption_util->CreateEncryptionState(std::move(state_metadata));
52077
52078 DecryptBuffer(*encryption_state, temp_key, buffer, buffer_size, metadata);
52079}
duckdb::DecryptBuffer
static void DecryptBuffer(EncryptionState &encryption_state, const_data_ptr_t temp_key, data_ptr_t buffer, idx_t buffer_size, data_ptr_t metadata)
Definition duckdb.cpp:52048
Here is the call graph for this function:
The documentation for this class was generated from the following file: