Merge pull request #127 from cipherstash/fix/check-encrypted-search-terms-are-not-null

fix: make eql_v2.compare robust against null search terms

Author: calvinbrewer

src/blake3/functions.sql

@@ -14,7 +14,7 @@ AS $$
       RETURN NULL;
     END IF;
 
-    IF NOT (val ? 'b3') THEN
+    IF NOT eql_v2.has_blake3(val) THEN
         RAISE 'Expected a blake3 index (b3) value in json: %', val;
     END IF;
 
@@ -44,7 +44,7 @@ CREATE FUNCTION eql_v2.has_blake3(val jsonb)
   IMMUTABLE STRICT PARALLEL SAFE
 AS $$
 	BEGIN
-    RETURN val ? 'b3';
+    RETURN val ->> 'b3' IS NOT NULL;
   END;
 $$ LANGUAGE plpgsql;
 

src/bloom_filter/functions.sql

@@ -12,7 +12,7 @@ AS $$
       RETURN NULL;
     END IF;
 
-    IF val ? 'bf' THEN
+    IF eql_v2.has_bloom_filter(val) THEN
       RETURN ARRAY(SELECT jsonb_array_elements(val->'bf'))::eql_v2.bloom_filter;
     END IF;
 
@@ -38,7 +38,7 @@ CREATE FUNCTION eql_v2.has_bloom_filter(val jsonb)
   IMMUTABLE STRICT PARALLEL SAFE
 AS $$
 	BEGIN
-    RETURN val ? 'bf';
+    RETURN val ->> 'bf' IS NOT NULL;
   END;
 $$ LANGUAGE plpgsql;
 

src/encrypted/aggregates_test.sql

@@ -48,48 +48,3 @@ DO $$
   ASSERT ((SELECT enc_int FROM agg_test WHERE plain_int = 5) = (SELECT eql_v2.max(enc_int) FROM agg_test));
   END;
 $$ LANGUAGE plpgsql;
-
--- insert data without "ob" (ore index value)
-INSERT INTO agg_test (plain_int, enc_int) VALUES
-(
-  3,
-  '{"c": "mBbLa7Cm?&jvpfcv1d3hep>s)76qzUbwUky&M&C<M-e2q^@e798gqWcAb{9a>3mjDG_os-_y0MRaMGl@&p#AOuusN|3Lu=mBCcg_V{&<LbY)~;X>N2hzy", "i": {"c": "encrypted_int4", "t": "encrypted"}, "k": "ct", "bf": null, "v": 2}'::jsonb::eql_v2_encrypted
-);
-
--- run exceptional case
-DO $$
-  DECLARE
-    error_message text;
-  BEGIN
-    -- min enc_int raises exception
-    SELECT eql_v2.min(enc_int) FROM agg_test;
-  EXCEPTION
-    WHEN others THEN
-      error_message := SQLERRM;
-
-      IF error_message LIKE '%' || 'Expected an ore index (ob) value in json' || '%' THEN
-        ASSERT true;
-      ELSE
-        RAISE EXCEPTION 'Unexpected exception: %', error_message;
-      END IF;
-  END;
-$$ LANGUAGE plpgsql;
-
--- run exceptional case
-DO $$
-  DECLARE
-    error_message text;
-  BEGIN
-    -- max enc_int raises exception
-    SELECT eql_v2.max(enc_int) FROM agg_test;
-  EXCEPTION
-    WHEN others THEN
-      error_message := SQLERRM;
-
-      IF error_message LIKE '%' || 'Expected an ore index (ob) value in json' || '%' THEN
-        ASSERT true;
-      ELSE
-        RAISE EXCEPTION 'Unexpected exception: %', error_message;
-      END IF;
-  END;
-$$ LANGUAGE plpgsql;

src/hmac_256/functions.sql

@@ -12,7 +12,7 @@ AS $$
       RETURN NULL;
     END IF;
 
-    IF val ? 'hm' THEN
+    IF eql_v2.has_hmac_256(val) THEN
       RETURN val->>'hm';
     END IF;
     RAISE 'Expected a hmac_256 index (hm) value in json: %', val;
@@ -25,7 +25,7 @@ CREATE FUNCTION eql_v2.has_hmac_256(val jsonb)
   IMMUTABLE STRICT PARALLEL SAFE
 AS $$
 	BEGIN
-    RETURN val ? 'hm';
+    RETURN val ->> 'hm' IS NOT NULL;
   END;
 $$ LANGUAGE plpgsql;
 

src/operators/compare_test.sql

@@ -163,4 +163,45 @@ DO $$
     ASSERT eql_v2.compare(c, b) = 1;
     ASSERT eql_v2.compare(c, a) = 1;
   END;
-$$ LANGUAGE plpgsql;
+$$ LANGUAGE plpgsql;
+
+
+--
+-- Compare hmac_256 when record has a `null` index of higher precedence
+-- TEST COVERAGE FOR BUG FIX
+--
+-- ORE Block indexes `ob` are used in compare before hmac_256 indexes.
+-- If the index term is null `{"ob": null}` it should not be used
+-- Comparing two `null` values is evaluated as equality and hilarity ensues
+--
+
+DO $$
+  DECLARE
+   a eql_v2_encrypted;
+   b eql_v2_encrypted;
+   c eql_v2_encrypted;
+  BEGIN
+    -- generate with `hm` index
+    a := create_encrypted_json(1, 'hm');
+    -- append `null` index
+    a := '{"ob": null}'::jsonb || a::jsonb;
+
+    b := create_encrypted_json(2, 'hm');
+    b := '{"ob": null}'::jsonb || b::jsonb;
+
+    c := create_encrypted_json(3, 'hm');
+    c := '{"ob": null}'::jsonb || c::jsonb;
+
+    ASSERT eql_v2.compare(a, a) = 0;
+    ASSERT eql_v2.compare(a, b) = -1;
+    ASSERT eql_v2.compare(a, c) = -1;
+
+    ASSERT eql_v2.compare(b, b) = 0;
+    ASSERT eql_v2.compare(b, a) = 1;
+    ASSERT eql_v2.compare(b, c) = -1;
+
+    ASSERT eql_v2.compare(c, c) = 0;
+    ASSERT eql_v2.compare(c, b) = 1;
+    ASSERT eql_v2.compare(c, a) = 1;
+  END;
+$$ LANGUAGE plpgsql;

src/ore_block_u64_8_256/functions.sql

@@ -57,7 +57,7 @@ AS $$
       RETURN NULL;
     END IF;
 
-    IF val ? 'ob' THEN
+    IF eql_v2.has_ore_block_u64_8_256(val) THEN
       RETURN eql_v2.jsonb_array_to_ore_block_u64_8_256(val->'ob');
     END IF;
     RAISE 'Expected an ore index (ob) value in json: %', val;
@@ -85,7 +85,7 @@ CREATE FUNCTION eql_v2.has_ore_block_u64_8_256(val jsonb)
   IMMUTABLE STRICT PARALLEL SAFE
 AS $$
 	BEGIN
-    RETURN val ? 'ob';
+    RETURN val ->> 'ob' IS NOT NULL;
   END;
 $$ LANGUAGE plpgsql;
 

src/ore_cllw_u64_8/functions.sql

@@ -17,14 +17,10 @@ AS $$
       RETURN NULL;
     END IF;
 
-    IF NOT (val ? 'ocf') THEN
+    IF NOT (eql_v2.has_ore_cllw_u64_8(val)) THEN
         RAISE 'Expected a ore_cllw_u64_8 index (ocf) value in json: %', val;
     END IF;
 
-    IF val->>'ocf' IS NULL THEN
-      RETURN NULL;
-    END IF;
-
     RETURN ROW(decode(val->>'ocf', 'hex'));
   END;
 $$ LANGUAGE plpgsql;
@@ -47,7 +43,7 @@ CREATE FUNCTION eql_v2.has_ore_cllw_u64_8(val jsonb)
   IMMUTABLE STRICT PARALLEL SAFE
 AS $$
 	BEGIN
-    RETURN val ? 'ocf';
+    RETURN val ->> 'ocf' IS NOT NULL;
   END;
 $$ LANGUAGE plpgsql;