Skip to content

Commit 134e2a6

Browse files
tobyhedetobyhede
committed
Closer
1 parent 9c91f8c commit 134e2a6

File tree

2 files changed

+22
-12
lines changed

2 files changed

+22
-12
lines changed

sql/000-ore.sql

Lines changed: 21 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -9,8 +9,15 @@ CREATE TYPE ore_64_8_v1 AS (
99
);
1010

1111
DROP FUNCTION IF EXISTS compare_ore_64_8_v1_term(a ore_64_8_v1_term, b ore_64_8_v1_term);
12+
DROP FUNCTION IF EXISTS compare_ore_64_8_v1_term(a bytea, b bytea);
1213

1314
CREATE FUNCTION compare_ore_64_8_v1_term(a ore_64_8_v1_term, b ore_64_8_v1_term) returns integer AS $$
15+
BEGIN
16+
SELECT compare_ore_64_8_v1_term(a.bytes, b.bytes)
17+
END;
18+
$$ LANGUAGE plpgsql;
19+
20+
CREATE FUNCTION compare_ore_64_8_v1_term(a bytea, b bytea) returns integer AS $$
1421
DECLARE
1522
eq boolean := true;
1623
unequal_block smallint := 0;
@@ -35,7 +42,7 @@ CREATE FUNCTION compare_ore_64_8_v1_term(a ore_64_8_v1_term, b ore_64_8_v1_term)
3542
RETURN 1;
3643
END IF;
3744

38-
IF bit_length(a.bytes) != bit_length(b.bytes) THEN
45+
IF bit_length(a) != bit_length(b) THEN
3946
RAISE EXCEPTION 'Ciphertexts are different lengths';
4047
END IF;
4148

@@ -47,8 +54,8 @@ CREATE FUNCTION compare_ore_64_8_v1_term(a ore_64_8_v1_term, b ore_64_8_v1_term)
4754
-- * We are not worrying about timing attacks here; don't fret about
4855
-- the OR or !=.
4956
IF
50-
substr(a.bytes, 1 + block, 1) != substr(b.bytes, 1 + block, 1)
51-
OR substr(a.bytes, 9 + left_block_size * block, left_block_size) != substr(b.bytes, 9 + left_block_size * BLOCK, left_block_size)
57+
substr(a, 1 + block, 1) != substr(b, 1 + block, 1)
58+
OR substr(a, 9 + left_block_size * block, left_block_size) != substr(b, 9 + left_block_size * BLOCK, left_block_size)
5259
THEN
5360
-- set the first unequal block we find
5461
IF eq THEN
@@ -63,20 +70,20 @@ CREATE FUNCTION compare_ore_64_8_v1_term(a ore_64_8_v1_term, b ore_64_8_v1_term)
6370
END IF;
6471

6572
-- Hash key is the IV from the right CT of b
66-
hash_key := substr(b.bytes, right_offset + 1, 16);
73+
hash_key := substr(b, right_offset + 1, 16);
6774

6875
-- first right block is at right offset + nonce_size (ordinally indexed)
69-
target_block := substr(b.bytes, right_offset + 17 + (unequal_block * right_block_size), right_block_size);
76+
target_block := substr(b, right_offset + 17 + (unequal_block * right_block_size), right_block_size);
7077

7178
indicator := (
7279
get_bit(
7380
encrypt(
74-
substr(a.bytes, 9 + (left_block_size * unequal_block), left_block_size),
81+
substr(a, 9 + (left_block_size * unequal_block), left_block_size),
7582
hash_key,
7683
'aes-ecb'
7784
),
7885
0
79-
) + get_bit(target_block, get_byte(a.bytes, unequal_block))) % 2;
86+
) + get_bit(target_block, get_byte(a, unequal_block))) % 2;
8087

8188
IF indicator = 1 THEN
8289
RETURN 1::integer;
@@ -235,6 +242,13 @@ CREATE OPERATOR CLASS ore_64_8_v1_term_btree_ops DEFAULT FOR TYPE ore_64_8_v1_te
235242
DROP FUNCTION IF EXISTS compare_ore_array(a ore_64_8_v1_term[], b ore_64_8_v1_term[]);
236243

237244
CREATE FUNCTION compare_ore_array(a ore_64_8_v1_term[], b ore_64_8_v1_term[])
245+
RETURNS integer AS $$
246+
BEGIN
247+
SELECT compare_ore_array(a, b);
248+
END
249+
$$ LANGUAGE plpgsql;
250+
251+
CREATE FUNCTION compare_ore_array(a bytea[], b bytea[])
238252
RETURNS integer AS $$
239253
DECLARE
240254
cmp_result integer;

tests/operators-ore-order.sql

Lines changed: 1 addition & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -45,16 +45,12 @@ INSERT INTO users (name_encrypted) VALUES (
4545
);
4646

4747

48-
SELECT (name_encrypted->>'o') FROM users;
4948

5049
-- SELECT id FROM users WHERE cs_ore_64_8_v1(name_encrypted) > cs_ore_64_8_v1('{"o":"(\"{\"\"(\\\\\"\"\\\\\\\\\\\\\\\\x12121212121259bfe28282d03415e7714fccd69eb7eb476c70743e485e20331f59cbc1c848dcdeda716f351eb20588c406a7df5fb8917ebf816739aa1414ac3b8498e493bf0badea5c9fdb3cc34da8b152b995957591880c523beb1d3f12487c38d18f62dd26209a727674e5a5fe3a3e3037860839afd801ff4a28b714e4cde8df10625dce72602fdbdcc53d515857f1119f5912804ce09c6cf6c2d37393a27a465134523b512664582f834e15003b7216cb668480bc3e7d1c069f2572ece7c848b9eb9a28b4e62bfc2b97c93e61b2054154e621c5bbb7bed37de3d7c343bd3dbcf7b4af20128c961351bf55910a855f08a8587c2059a5f05ca8d7a082e695b3dd4ff3ce86694d4fe98972220eea1ab90f5de493ef3a502b74a569f103ee2897ebc9ae9b16a17e7be67415ee830519beb3058ffc1c1eb0e574d66c8b365919f27eb00aa7bce475d7bdaad4ed800f8fc3d626e0eb842e312b0cc22a1ccf89847ebb2cd0a6e18aec21bd2deeec1c47301fc687f7f764bb882b50f553c246a6da5816b78b3530119ea68b08a8403a90e063e58502670563bd4d\\\\\"\")\"\"}\")"}');
5150

51+
SELECT id, name_encrypted FROM users ORDER BY name_encrypted DESC;
5252

5353

54-
55-
56-
57-
-- SELECT id, name_encrypted FROM users ORDER BY cs_ore_64_8_v1(name_encrypted) ASC
5854
-- SELECT id, name_encrypted FROM users ORDER BY name_encrypted ASC;
5955

6056
-- SELECT id FROM users WHERE name_encrypted::cs_encrypted_v1 > '{

0 commit comments

Comments
 (0)