Merge pull request #193 from Altinity/reverted_encrypted_disk_fix

Enmk · web-flow · commit d912f2e7d40d · 2022-08-11T12:09:34.000+04:00
Revert "Merge pull request ClickHouse#39761 from ClickHouse/backport/22.3/39687"
diff --git a/src/IO/FileEncryptionCommon.h b/src/IO/FileEncryptionCommon.h
@@ -80,7 +80,6 @@ class Encryptor
     /// the initialization vector is increased by an index of the current block
     /// and the index of the current block is calculated from this offset.
     void setOffset(size_t offset_) { offset = offset_; }
-    size_t getOffset() const { return offset; }
 
     /// Encrypts some data.
     /// Also the function moves `offset` by `size` (for successive encryptions).
diff --git a/src/IO/ReadBufferFromEncryptedFile.cpp b/src/IO/ReadBufferFromEncryptedFile.cpp
@@ -21,6 +21,7 @@ ReadBufferFromEncryptedFile::ReadBufferFromEncryptedFile(
     , encryptor(header_.algorithm, key_, header_.init_vector)
 {
     offset = offset_;
+    encryptor.setOffset(offset_);
     need_seek = true;
 }
 
@@ -59,6 +60,9 @@ off_t ReadBufferFromEncryptedFile::seek(off_t off, int whence)
         assert(!hasPendingData());
     }
 
+    /// The encryptor always needs to know what the current offset is.
+    encryptor.setOffset(new_pos);
+
     return new_pos;
 }
 
@@ -90,10 +94,6 @@ bool ReadBufferFromEncryptedFile::nextImpl()
     /// The used cipher algorithms generate the same number of bytes in output as it were in input,
     /// so after deciphering the numbers of bytes will be still `bytes_read`.
     working_buffer.resize(bytes_read);
-
-    /// The decryptor needs to know what the current offset is (because it's used in the decryption algorithm).
-    encryptor.setOffset(offset);
-
     encryptor.decrypt(encrypted_buffer.data(), bytes_read, working_buffer.begin());
 
     pos = working_buffer.begin();
diff --git a/src/IO/tests/gtest_file_encryption.cpp b/src/IO/tests/gtest_file_encryption.cpp
@@ -4,13 +4,6 @@
 #include <gtest/gtest.h>
 #include <IO/WriteBufferFromString.h>
 #include <IO/FileEncryptionCommon.h>
-#include <IO/WriteBufferFromFile.h>
-#include <IO/WriteBufferFromEncryptedFile.h>
-#include <IO/ReadBufferFromEncryptedFile.h>
-#include <IO/ReadBufferFromFile.h>
-#include <IO/ReadHelpers.h>
-#include <Common/getRandomASCIIString.h>
-#include <filesystem>
 
 
 using namespace DB;
@@ -217,48 +210,4 @@ INSTANTIATE_TEST_SUITE_P(All,
     })
 );
 
-TEST(FileEncryptionPositionUpdateTest, Decryption)
-{
-    String tmp_path = std::filesystem::current_path() / "test_offset_update";
-    if (std::filesystem::exists(tmp_path))
-        std::filesystem::remove(tmp_path);
-
-    String key = "1234567812345678";
-    FileEncryption::Header header;
-    header.algorithm = Algorithm::AES_128_CTR;
-    header.key_id = 1;
-    header.key_hash = calculateKeyHash(key);
-    header.init_vector = InitVector::random();
-
-    auto lwb = std::make_unique<WriteBufferFromFile>(tmp_path);
-    WriteBufferFromEncryptedFile wb(10, std::move(lwb), key, header);
-    auto data = getRandomASCIIString(20);
-    wb.write(data.data(), data.size());
-    wb.finalize();
-
-    auto lrb = std::make_unique<ReadBufferFromFile>(tmp_path);
-    ReadBufferFromEncryptedFile rb(10, std::move(lrb), key, header);
-    rb.ignore(5);
-    rb.ignore(5);
-    rb.ignore(5);
-    ASSERT_EQ(rb.getPosition(), 15);
-
-    String res;
-    readStringUntilEOF(res, rb);
-    ASSERT_EQ(res, data.substr(15));
-    res.clear();
-
-    rb.seek(0, SEEK_SET);
-    ASSERT_EQ(rb.getPosition(), 0);
-    res.resize(5);
-    rb.read(res.data(), res.size());
-    ASSERT_EQ(res, data.substr(0, 5));
-    res.clear();
-
-    rb.seek(1, SEEK_CUR);
-    ASSERT_EQ(rb.getPosition(), 6);
-    readStringUntilEOF(res, rb);
-    ASSERT_EQ(res, data.substr(6));
-}
-
 #endif
diff --git a/tests/integration/test_encrypted_disk/test.py b/tests/integration/test_encrypted_disk/test.py
@@ -252,21 +252,3 @@ def make_storage_policy_with_keys(policy_name, keys):
     # Detach the part encrypted with the wrong key and check that another part containing "(2,'data'),(3,'data')" still can be read.
     node.query("ALTER TABLE encrypted_test DETACH PART '{}'".format(FIRST_PART_NAME))
     assert node.query(select_query) == "(2,'data'),(3,'data')"
-
-
-def test_read_in_order():
-    node.query(
-        "CREATE TABLE encrypted_test(`a` UInt64,  `b` String(150)) ENGINE = MergeTree() ORDER BY (a, b) SETTINGS storage_policy='encrypted_policy'"
-    )
-
-    node.query(
-        "INSERT INTO encrypted_test SELECT * FROM generateRandom('a UInt64, b FixedString(150)') LIMIT 100000"
-    )
-
-    node.query(
-        "SELECT * FROM encrypted_test ORDER BY a, b SETTINGS optimize_read_in_order=1 FORMAT Null"
-    )
-
-    node.query(
-        "SELECT * FROM encrypted_test ORDER BY a, b SETTINGS optimize_read_in_order=0 FORMAT Null"
-    )

Original file line number	Diff line number	Diff line change
`@@ -21,6 +21,7 @@ ReadBufferFromEncryptedFile::ReadBufferFromEncryptedFile(`
`21`	`21`	`, encryptor(header_.algorithm, key_, header_.init_vector)`
`22`	`22`	`{`
`23`	`23`	`offset = offset_;`
	`24`	`+ encryptor.setOffset(offset_);`
`24`	`25`	`need_seek = true;`
`25`	`26`	`}`
`26`	`27`
`@@ -59,6 +60,9 @@ off_t ReadBufferFromEncryptedFile::seek(off_t off, int whence)`
`59`	`60`	`assert(!hasPendingData());`
`60`	`61`	`}`
`61`	`62`
	`63`	`+ /// The encryptor always needs to know what the current offset is.`
	`64`	`+ encryptor.setOffset(new_pos);`
	`65`	`+`
`62`	`66`	`return new_pos;`
`63`	`67`	`}`
`64`	`68`
`@@ -90,10 +94,6 @@ bool ReadBufferFromEncryptedFile::nextImpl()`
`90`	`94`	`/// The used cipher algorithms generate the same number of bytes in output as it were in input,`
`91`	`95`	/// so after deciphering the numbers of bytes will be still `bytes_read`.
`92`	`96`	`working_buffer.resize(bytes_read);`
`93`		`-`
`94`		`- /// The decryptor needs to know what the current offset is (because it's used in the decryption algorithm).`
`95`		`- encryptor.setOffset(offset);`
`96`		`-`
`97`	`97`	`encryptor.decrypt(encrypted_buffer.data(), bytes_read, working_buffer.begin());`
`98`	`98`
`99`	`99`	`pos = working_buffer.begin();`