Skip to content

Adding the new encryptor and decryptor interfaces#59

Merged
sofia-tekdatum merged 1 commit into
dev_phase2from
add_new_interfaces
Aug 14, 2025
Merged

Adding the new encryptor and decryptor interfaces#59
sofia-tekdatum merged 1 commit into
dev_phase2from
add_new_interfaces

Conversation

@sofia-tekdatum

Copy link
Copy Markdown
Collaborator

Adding the basic Encryptor and Decryptor interfaces.

These are intended to abstract away the Aes version of the encryptors and decryptors so user can choose other types to use.

@github-actions

Copy link
Copy Markdown

Thanks for opening a pull request!

If this is not a minor PR. Could you open an issue for this pull request on GitHub? https://github.com/apache/arrow/issues/new/choose

Opening GitHub issues ahead of time contributes to the Openness of the Apache Arrow project.

Then could you also rename the pull request title in the following format?

GH-${GITHUB_ISSUE_ID}: [${COMPONENT}] ${SUMMARY}

or

MINOR: [${COMPONENT}] ${SUMMARY}

See also:

@avalerio-tkd avalerio-tkd left a comment

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. Just a comment on the licensing header.

@@ -0,0 +1,39 @@
// Licensed to the Apache Software Foundation (ASF) under one

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd be careful with the licensing header. I guess this is not Protegrity specific, but only add it if others at the same level of detail include them already

Copy link
Copy Markdown
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, these are the licensing details for header files in this directory. Also, this is the Arrow encryption interface, so it must share the licensing.

@sofia-tekdatum
sofia-tekdatum merged commit 21f93e1 into dev_phase2 Aug 14, 2025
21 of 64 checks passed
@sofia-tekdatum
sofia-tekdatum deleted the add_new_interfaces branch August 14, 2025 16:09
Comment on lines +35 to +44
/// Encrypt footer metadata for signature verification purposes only.
/// This method is used specifically for footer signature verification in encrypted
/// Parquet files with plaintext footers. It encrypts the footer metadata using
/// the provided key, AAD, and nonce to generate an authentication tag that can
/// be compared against a stored signature.
virtual int32_t SignedFooterEncrypt(::arrow::util::span<const uint8_t> footer,
::arrow::util::span<const uint8_t> key,
::arrow::util::span<const uint8_t> aad,
::arrow::util::span<const uint8_t> nonce,
::arrow::util::span<uint8_t> encrypted_footer) = 0;

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

we removed some of these (i.e. aad, key) parameters from the ::Encrypt() call - why are we keeping them in the ::SignedFooterEncrypt() ?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Refactor classes in preparation for External encryptor (fx neutral) > Create Encryptor and Decryptor interfaces

3 participants