-
Notifications
You must be signed in to change notification settings - Fork 0
Add hash operator class for cross-document equality #164
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Merged
Merged
Changes from all commits
Commits
Show all changes
8 commits
Select commit
Hold shift + click to select a range
4026bc9
test(hash): add hash operator tests with coverage gap tests
tobyhede 10747c8
feat(hash): add hash_encrypted function and hash operator class
tobyhede 5b15037
refactor(operators): remove HASHES from cross-type and non-equality o…
tobyhede 4b3b5cb
fix(build): update Supabase glob to exclude hash_operator_class.sql
tobyhede 2042d4d
fix(test): update operator_class_tests to use encrypted_json fixture
tobyhede a49309a
fix(hash): use Blake3-first priority to maintain hash/equality contract
tobyhede cb6fd77
test(hash): add mixed-index regression tests for hash/equality contract
tobyhede 49127d6
fix(test): use explicit transactions for SET LOCAL and remove flaky a…
tobyhede File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,53 @@ | ||
| -- REQUIRE: src/schema.sql | ||
| -- REQUIRE: src/encrypted/types.sql | ||
| -- REQUIRE: src/hmac_256/types.sql | ||
| -- REQUIRE: src/hmac_256/functions.sql | ||
| -- REQUIRE: src/blake3/types.sql | ||
| -- REQUIRE: src/blake3/functions.sql | ||
| -- REQUIRE: src/ste_vec/functions.sql | ||
|
|
||
| --! @brief Compute hash integer for encrypted value | ||
| --! | ||
| --! Produces a 32-bit integer hash suitable for PostgreSQL hash joins, GROUP BY, | ||
| --! DISTINCT, and hash aggregate operations. Uses deterministic index terms | ||
| --! (Blake3 or HMAC-256) to ensure consistency with the equality operator: | ||
| --! if a = b then hash(a) = hash(b). | ||
| --! | ||
| --! Blake3 is checked before HMAC-256 to maintain the hash/equality contract. | ||
| --! eql_v2.compare uses the first index term present in BOTH operands (priority: | ||
| --! ORE > HMAC > Blake3). If value A has hm+b3 and value B has only b3, compare | ||
| --! uses Blake3. The hash function must also use Blake3 for A so that | ||
| --! hash(A) == hash(B). Preferring Blake3 (the lowest-priority deterministic | ||
| --! term) ensures any two values that compare equal will hash identically. | ||
| --! | ||
| --! @param val eql_v2_encrypted Encrypted value to hash | ||
| --! @return integer 32-bit hash value derived from Blake3 or HMAC-256 index term | ||
| --! | ||
| --! @throws Exception if no HMAC-256 or Blake3 index term is present | ||
| --! | ||
| --! @note Requires a match (blake3) or unique (hmac_256) index configured on the column | ||
| --! @note ORE-only values cannot be hashed (ORE ciphertext is not deterministic) | ||
| --! | ||
| --! @see eql_v2.blake3 | ||
| --! @see eql_v2.hmac_256 | ||
| --! @see eql_v2.compare | ||
| CREATE FUNCTION eql_v2.hash_encrypted(val eql_v2_encrypted) | ||
| RETURNS integer | ||
| IMMUTABLE STRICT PARALLEL SAFE | ||
| AS $$ | ||
| DECLARE | ||
| ste_val eql_v2_encrypted; | ||
| BEGIN | ||
| ste_val := eql_v2.to_ste_vec_value(val); | ||
|
|
||
| IF eql_v2.has_blake3(ste_val) THEN | ||
| RETURN hashtext(eql_v2.blake3(ste_val)::text); | ||
| END IF; | ||
|
|
||
| IF eql_v2.has_hmac_256(ste_val) THEN | ||
| RETURN hashtext(eql_v2.hmac_256(ste_val)::text); | ||
| END IF; | ||
|
|
||
| RAISE EXCEPTION 'Cannot hash eql_v2_encrypted value: no hmac_256 or blake3 index term found. Configure a unique or match index for hash operations (GROUP BY, DISTINCT, hash joins).'; | ||
| END; | ||
| $$ LANGUAGE plpgsql; | ||
tobyhede marked this conversation as resolved.
Show resolved
Hide resolved
|
||
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,29 @@ | ||
| -- REQUIRE: src/schema.sql | ||
| -- REQUIRE: src/encrypted/types.sql | ||
| -- REQUIRE: src/encrypted/hash.sql | ||
| -- REQUIRE: src/operators/=.sql | ||
|
|
||
| --! @brief PostgreSQL hash operator class for encrypted value hashing | ||
| --! | ||
| --! Defines the hash operator family and operator class required for hash-based | ||
| --! operations on encrypted values. This enables PostgreSQL to use hash strategies for: | ||
| --! - Hash joins (cross-row equality via hash) | ||
| --! - GROUP BY (hash aggregation) | ||
| --! - DISTINCT (hash-based deduplication) | ||
| --! - UNION (hash-based set operations) | ||
| --! | ||
| --! Only the same-type equality operator (eql_v2_encrypted = eql_v2_encrypted) is | ||
| --! registered. Cross-type operators (encrypted/jsonb) are excluded because hash | ||
| --! joins require independent hashing of each side before comparison. | ||
| --! | ||
| --! @note Requires hmac_256 or blake3 index terms for correct hashing | ||
| --! @see eql_v2.hash_encrypted | ||
| --! @see eql_v2.encrypted_operator_class (btree) | ||
|
|
||
| CREATE OPERATOR FAMILY eql_v2.encrypted_hash_operator_family USING hash; | ||
|
|
||
| CREATE OPERATOR CLASS eql_v2.encrypted_hash_operator_class | ||
| DEFAULT FOR TYPE eql_v2_encrypted USING hash | ||
| FAMILY eql_v2.encrypted_hash_operator_family AS | ||
| OPERATOR 1 = (eql_v2_encrypted, eql_v2_encrypted), | ||
| FUNCTION 1 eql_v2.hash_encrypted(eql_v2_encrypted); |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Uh oh!
There was an error while loading. Please reload this page.