Skip to content

-> and ->> variants with eql_v2_encrypted selector #115

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 2 commits into from
Jun 3, 2025
Merged

-> and ->> variants with eql_v2_encrypted selector #115

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
2c727eb
feat: -> and ->> variants with eql_v2_enctrypted selector
tobyhede Jun 3, 2025
6d1297f
fix: explicit cast to text for all tests using -> or ->>
tobyhede Jun 3, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 0 additions & 2 deletions src/encrypted/aggregates.sql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,6 @@ CREATE FUNCTION eql_v2.min(a eql_v2_encrypted, b eql_v2_encrypted)
STRICT
AS $$
BEGIN
PERFORM eql_v2.log('eql_v2.min');
IF eql_v2.ore_block_u64_8_256(a) < eql_v2.ore_block_u64_8_256(b) THEN
RETURN a;
ELSE
Expand All @@ -31,7 +30,6 @@ RETURNS eql_v2_encrypted
STRICT
AS $$
BEGIN
PERFORM eql_v2.log('eql_v2.max');
IF eql_v2.ore_block_u64_8_256(a) > eql_v2.ore_block_u64_8_256(b) THEN
RETURN a;
ELSE
Expand Down
48 changes: 35 additions & 13 deletions src/operators/->.sql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,19 +5,21 @@


--
-- The -> operator returns an encrypted matching the selector
-- The -> operator returns an encrypted matching the provided selector
--
-- Encyprted JSON is represented as an array of `eql_v2_encrypted`.
-- Each `eql_v2_encrypted` value has a selector, ciphertext, and an index term of
-- - blake3
-- - ore_cllw_u64_8
-- - ore_cllw_var_8
-- Each `eql_v2_encrypted` value has a selector, ciphertext, and an index term
--
-- {
-- "sv": [ {"c": "", "s": "", "b3": "" } ]
-- }
--


-- Note on oeprator resolution:
-- Assignment casts are considered for operator resolution (see PostgreSQL docs),
-- the system may pick the "more specific" one, which is the one with both arguments of the same type.
--
-- This means that to use the text operator, the parameter will need to be cast to text
--
CREATE FUNCTION eql_v2."->"(e eql_v2_encrypted, selector text)
RETURNS eql_v2_encrypted
IMMUTABLE STRICT PARALLEL SAFE
Expand All @@ -43,10 +45,34 @@ AS $$
END;
$$ LANGUAGE plpgsql;

CREATE OPERATOR ->(
FUNCTION=eql_v2."->",
LEFTARG=eql_v2_encrypted,
RIGHTARG=text
);

---------------------------------------------------

--

CREATE FUNCTION eql_v2."->"(e eql_v2_encrypted, selector eql_v2_encrypted)
RETURNS eql_v2_encrypted
IMMUTABLE STRICT PARALLEL SAFE
AS $$
BEGIN
RETURN eql_v2."->"(e, eql_v2.selector(selector));
END;
$$ LANGUAGE plpgsql;



CREATE OPERATOR ->(
FUNCTION=eql_v2."->",
LEFTARG=eql_v2_encrypted,
RIGHTARG=eql_v2_encrypted
);


---------------------------------------------------


CREATE FUNCTION eql_v2."->"(e eql_v2_encrypted, selector integer)
Expand Down Expand Up @@ -76,11 +102,7 @@ AS $$
$$ LANGUAGE plpgsql;


CREATE OPERATOR ->(
FUNCTION=eql_v2."->",
LEFTARG=eql_v2_encrypted,
RIGHTARG=text
);



CREATE OPERATOR ->(
Expand Down
21 changes: 19 additions & 2 deletions src/operators/->>.sql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,9 +11,7 @@ AS $$
DECLARE
found eql_v2_encrypted;
BEGIN

found = eql_v2."->"(e, selector);

RETURN eql_v2.ciphertext(found);
END;
$$ LANGUAGE plpgsql;
Expand All @@ -26,3 +24,22 @@ CREATE OPERATOR ->> (
);



---------------------------------------------------


CREATE FUNCTION eql_v2."->>"(e eql_v2_encrypted, selector eql_v2_encrypted)
RETURNS text
IMMUTABLE STRICT PARALLEL SAFE
AS $$
BEGIN
RETURN eql_v2."->>"(e, eql_v2.selector(selector));
END;
$$ LANGUAGE plpgsql;


CREATE OPERATOR ->> (
FUNCTION=eql_v2."->>",
LEFTARG=eql_v2_encrypted,
RIGHTARG=eql_v2_encrypted
);
30 changes: 26 additions & 4 deletions src/operators/->>_test.sql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,17 +3,18 @@
SELECT create_table_with_encrypted();
SELECT seed_encrypted_json();


--
-- The ->> operator returns ciphertext matching the selector
DO $$
BEGIN
PERFORM assert_result(
'Selector ->> returns at least one eql_v2_encrypted',
'SELECT e->>''bca213de9ccce676fa849ff9c4807963'' FROM encrypted;');
'SELECT e->>''bca213de9ccce676fa849ff9c4807963''::text FROM encrypted;');

PERFORM assert_count(
'Selector ->> returns all eql_v2_encrypted',
'SELECT e->>''bca213de9ccce676fa849ff9c4807963'' FROM encrypted;',
'SELECT e->>''bca213de9ccce676fa849ff9c4807963''::text FROM encrypted;',
3);
END;
$$ LANGUAGE plpgsql;
Expand All @@ -25,7 +26,7 @@ DO $$
BEGIN
PERFORM assert_no_result(
'Unknown selector -> returns null',
'SELECT e->>''blahvtha'' FROM encrypted;');
'SELECT e->>''blahvtha''::text FROM encrypted;');

END;
$$ LANGUAGE plpgsql;
Expand All @@ -38,8 +39,29 @@ DO $$

PERFORM assert_result(
'Selector ->> returns all eql_v2_encrypted',
'SELECT e->>''bca213de9ccce676fa849ff9c4807963'' FROM encrypted LIMIT 1;',
'SELECT e->>''bca213de9ccce676fa849ff9c4807963''::text FROM encrypted LIMIT 1;',
'mBbLGB9xHAGzLvUj-`@Wmf=IhD87n7r3ir3n!Sk6AKir_YawR=0c>pk(OydB;ntIEXK~c>V&4>)rNkf<JN7fmlO)c^iBv;-X0+3XyK5d`&&I-oeIEOcwPf<3zy');
END;
$$ LANGUAGE plpgsql;


--
-- The ->> operator accepts an eql_v2_encrypted as the selector
--
DO $$
DECLARE
term text;
BEGIN
term := '{"s": "bca213de9ccce676fa849ff9c4807963"}';

PERFORM assert_result(
'Selector ->> returns at least one eql_v2_encrypted',
format('SELECT e->>%L::jsonb::eql_v2_encrypted FROM encrypted;', term));

PERFORM assert_count(
'Selector ->> returns all eql_v2_encrypted',
format('SELECT e->>%L::jsonb::eql_v2_encrypted FROM encrypted;', term),
3);
END;
$$ LANGUAGE plpgsql;

32 changes: 27 additions & 5 deletions src/operators/->_test.sql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,17 +5,18 @@ SELECT create_table_with_encrypted();
SELECT seed_encrypted_json();



--
-- The -> operator returns an encrypted matching the selector
DO $$
BEGIN
PERFORM assert_result(
'Selector -> returns at least one eql_v2_encrypted',
'SELECT e->''bca213de9ccce676fa849ff9c4807963'' FROM encrypted;');
'SELECT e->''bca213de9ccce676fa849ff9c4807963''::text FROM encrypted;');

PERFORM assert_count(
'Selector -> returns all eql_v2_encrypted',
'SELECT e->''bca213de9ccce676fa849ff9c4807963'' FROM encrypted;',
'SELECT e->''bca213de9ccce676fa849ff9c4807963''::text FROM encrypted;',
3);
END;
$$ LANGUAGE plpgsql;
Expand All @@ -27,13 +28,34 @@ DO $$
BEGIN
PERFORM assert_no_result(
'Unknown selector -> returns null',
'SELECT e->''blahvtha'' FROM encrypted;');
'SELECT e->''blahvtha''::text FROM encrypted;');

END;
$$ LANGUAGE plpgsql;



--
-- The -> operator accepts an eql_v2_encrypted as the selector
--
DO $$
DECLARE
term text;
BEGIN
term := '{"s": "bca213de9ccce676fa849ff9c4807963"}';

PERFORM assert_result(
'Selector -> returns at least one eql_v2_encrypted',
format('SELECT e->%L::jsonb::eql_v2_encrypted FROM encrypted;', term));

PERFORM assert_count(
'Selector -> returns all eql_v2_encrypted',
format('SELECT e->%L::jsonb::eql_v2_encrypted FROM encrypted;', term),
3);
END;
$$ LANGUAGE plpgsql;


--
-- encrypted returned from -> operator expression called via eql_v2.ciphertext
--
Expand All @@ -43,11 +65,11 @@ DO $$
BEGIN
PERFORM assert_result(
'Fetch ciphertext via selector',
'SELECT eql_v2.ciphertext(e->''2517068c0d1f9d4d41d2c666211f785e'') FROM encrypted;');
'SELECT eql_v2.ciphertext(e->''2517068c0d1f9d4d41d2c666211f785e''::text) FROM encrypted;');

PERFORM assert_count(
'Fetch ciphertext via selector returns all eql_v2_encrypted',
'SELECT eql_v2.ciphertext(e->''2517068c0d1f9d4d41d2c666211f785e'') FROM encrypted;',
'SELECT eql_v2.ciphertext(e->''2517068c0d1f9d4d41d2c666211f785e''::text) FROM encrypted;',
3);
END;
$$ LANGUAGE plpgsql;
Expand Down
18 changes: 9 additions & 9 deletions src/operators/<=_test.sql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
SELECT create_table_with_encrypted();
SELECT seed_encrypted_json();

SELECT e FROM encrypted WHERE e->'a7cea93975ed8c01f861ccb6bd082784' <= '("{""c"": ""mBbM0#UZON2jQ3@LiWcvns2Yf6y3L;hykEh`}*fX#aF;n*=>+*o5Uarod39C7TF-SiCD-NgkG)l%Vw=l!tX>H*P<PfE$+0Szy"", ""s"": ""2517068c0d1f9d4d41d2c666211f785e"", ""ocf"": ""b0c13d4a4a9ffcb2ef853959fb2d26236337244ed86d66470d08963ed703356a1cee600a9a75a70aaefc1b4ca03b7918a7df25b7cd4ca774fd5b8616e6b9adb8""}")'::eql_v2_encrypted;
SELECT e FROM encrypted WHERE e->'a7cea93975ed8c01f861ccb6bd082784'::text <= '("{""c"": ""mBbM0#UZON2jQ3@LiWcvns2Yf6y3L;hykEh`}*fX#aF;n*=>+*o5Uarod39C7TF-SiCD-NgkG)l%Vw=l!tX>H*P<PfE$+0Szy"", ""s"": ""2517068c0d1f9d4d41d2c666211f785e"", ""ocf"": ""b0c13d4a4a9ffcb2ef853959fb2d26236337244ed86d66470d08963ed703356a1cee600a9a75a70aaefc1b4ca03b7918a7df25b7cd4ca774fd5b8616e6b9adb8""}")'::eql_v2_encrypted;


-- ------------------------------------------------------------------------
Expand All @@ -29,23 +29,23 @@ DECLARE
-- json n: 30
sv := get_numeric_ste_vec_30()::eql_v2_encrypted;
-- extract the term at $.n returned as eql_v2_encrypted
term := sv->'2517068c0d1f9d4d41d2c666211f785e';
term := sv->'2517068c0d1f9d4d41d2c666211f785e'::text;

-- -- -- -- $.n
PERFORM assert_result(
format('eql_v2_encrypted <= eql_v2_encrypted with ore_cllw_u64_8 index term'),
format('SELECT e FROM encrypted WHERE e->''2517068c0d1f9d4d41d2c666211f785e'' <= %L::eql_v2_encrypted', term));
format('SELECT e FROM encrypted WHERE e->''2517068c0d1f9d4d41d2c666211f785e''::text <= %L::eql_v2_encrypted', term));

PERFORM assert_count(
format('eql_v2_encrypted <= eql_v2_encrypted with ore index term'),
format('SELECT e FROM encrypted WHERE e->''2517068c0d1f9d4d41d2c666211f785e'' <= %L::eql_v2_encrypted', term),
format('SELECT e FROM encrypted WHERE e->''2517068c0d1f9d4d41d2c666211f785e''::text <= %L::eql_v2_encrypted', term),
3);

-- -- Check the $.hello path
-- -- Returned encrypted does not have ore_cllw_u64_8
PERFORM assert_no_result(
format('eql_v2_encrypted <= eql_v2_encrypted with ore_cllw_u64_8 index term'),
format('SELECT e FROM encrypted WHERE e->''a7cea93975ed8c01f861ccb6bd082784'' <= %L::eql_v2_encrypted', term));
format('SELECT e FROM encrypted WHERE e->''a7cea93975ed8c01f861ccb6bd082784''::text <= %L::eql_v2_encrypted', term));

END;
$$ LANGUAGE plpgsql;
Expand Down Expand Up @@ -73,23 +73,23 @@ DECLARE
-- json n: 30
sv := get_numeric_ste_vec_30()::eql_v2_encrypted;
-- extract the term at $.n returned as eql_v2_encrypted
term := sv->'a7cea93975ed8c01f861ccb6bd082784';
term := sv->'a7cea93975ed8c01f861ccb6bd082784'::text;

-- -- -- -- $.n
PERFORM assert_result(
format('eql_v2_encrypted <= eql_v2_encrypted with ore_cllw_var_8 index term'),
format('SELECT e FROM encrypted WHERE e->''a7cea93975ed8c01f861ccb6bd082784'' <= %L::eql_v2_encrypted', term));
format('SELECT e FROM encrypted WHERE e->''a7cea93975ed8c01f861ccb6bd082784''::text <= %L::eql_v2_encrypted', term));

PERFORM assert_count(
format('eql_v2_encrypted <= eql_v2_encrypted with ore_cllw_var_8 index term'),
format('SELECT e FROM encrypted WHERE e->''a7cea93975ed8c01f861ccb6bd082784'' <= %L::eql_v2_encrypted', term),
format('SELECT e FROM encrypted WHERE e->''a7cea93975ed8c01f861ccb6bd082784''::text <= %L::eql_v2_encrypted', term),
2);

-- -- Check the $.n path
-- -- Returned encrypted does not have ore_cllw_u64_8
PERFORM assert_no_result(
format('eql_v2_encrypted <= eql_v2_encrypted with ore_cllw_var_8 index term'),
format('SELECT e FROM encrypted WHERE e->''2517068c0d1f9d4d41d2c666211f785e'' <= %L::eql_v2_encrypted', term));
format('SELECT e FROM encrypted WHERE e->''2517068c0d1f9d4d41d2c666211f785e''::text <= %L::eql_v2_encrypted', term));

END;
$$ LANGUAGE plpgsql;
Expand Down
8 changes: 4 additions & 4 deletions src/operators/<>_ore_cllw_u64_8_test.sql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -31,23 +31,23 @@ DECLARE
-- json n: 10
sv := get_numeric_ste_vec_10()::eql_v2_encrypted;
-- extract the term at $.n returned as eql_v2_encrypted
term := sv->'2517068c0d1f9d4d41d2c666211f785e';
term := sv->'2517068c0d1f9d4d41d2c666211f785e'::text;

-- -- -- -- $.n
PERFORM assert_result(
format('eql_v2_encrypted <> eql_v2_encrypted with ore_cllw_u64_8 index term'),
format('SELECT e FROM encrypted WHERE (e->''2517068c0d1f9d4d41d2c666211f785e'') <> %L::eql_v2_encrypted', term));
format('SELECT e FROM encrypted WHERE (e->''2517068c0d1f9d4d41d2c666211f785e''::text) <> %L::eql_v2_encrypted', term));

PERFORM assert_count(
format('eql_v2_encrypted <> eql_v2_encrypted with ore index term'),
format('SELECT e FROM encrypted WHERE e->''2517068c0d1f9d4d41d2c666211f785e'' <> %L::eql_v2_encrypted', term),
format('SELECT e FROM encrypted WHERE e->''2517068c0d1f9d4d41d2c666211f785e''::text <> %L::eql_v2_encrypted', term),
2);

-- -- Check the $.hello path
-- -- Returned encrypted does not have ore_cllw_u64_8
PERFORM assert_result(
format('eql_v2_encrypted <> eql_v2_encrypted with ore index term'),
format('SELECT e FROM encrypted WHERE e->''a7cea93975ed8c01f861ccb6bd082784'' <> %L::eql_v2_encrypted', term));
format('SELECT e FROM encrypted WHERE e->''a7cea93975ed8c01f861ccb6bd082784''::text <> %L::eql_v2_encrypted', term));

END;
$$ LANGUAGE plpgsql;
Expand Down
8 changes: 4 additions & 4 deletions src/operators/<>_ore_cllw_var_8_test.sql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -30,23 +30,23 @@ DECLARE
-- json n: 10
sv := get_numeric_ste_vec_10()::eql_v2_encrypted;
-- extract the term at $.n returned as eql_v2_encrypted
term := sv->'a7cea93975ed8c01f861ccb6bd082784';
term := sv->'a7cea93975ed8c01f861ccb6bd082784'::text;

-- -- -- -- $.n
PERFORM assert_result(
format('eql_v2_encrypted <> eql_v2_encrypted with ore_cllw_var_8 index term'),
format('SELECT e FROM encrypted WHERE (e->''a7cea93975ed8c01f861ccb6bd082784'') <> %L::eql_v2_encrypted', term));
format('SELECT e FROM encrypted WHERE (e->''a7cea93975ed8c01f861ccb6bd082784''::text) <> %L::eql_v2_encrypted', term));

PERFORM assert_count(
format('eql_v2_encrypted <> eql_v2_encrypted with ore_cllw_var_8 index term'),
format('SELECT e FROM encrypted WHERE e->''a7cea93975ed8c01f861ccb6bd082784'' <> %L::eql_v2_encrypted', term),
format('SELECT e FROM encrypted WHERE e->''a7cea93975ed8c01f861ccb6bd082784''::text <> %L::eql_v2_encrypted', term),
2);

-- -- Check the $.n path
-- -- Returned encrypted does not have ore_cllw_var_8
PERFORM assert_result(
format('eql_v2_encrypted <> eql_v2_encrypted with ore_cllw_var_8 index term'),
format('SELECT e FROM encrypted WHERE e->''2517068c0d1f9d4d41d2c666211f785e'' <> %L::eql_v2_encrypted', term));
format('SELECT e FROM encrypted WHERE e->''2517068c0d1f9d4d41d2c666211f785e''::text <> %L::eql_v2_encrypted', term));

END;
$$ LANGUAGE plpgsql;
Expand Down
2 changes: 1 addition & 1 deletion src/operators/<@_test.sql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ DECLARE
-- This extracts the data associated with the field from the test eql_v2_encrypted
sv := get_numeric_ste_vec_10()::eql_v2_encrypted;
-- extract the term at $.n returned as eql_v2_encrypted
term := sv->'a7cea93975ed8c01f861ccb6bd082784';
term := sv->'a7cea93975ed8c01f861ccb6bd082784'::text;

-- -- -- -- $.n
PERFORM assert_result(
Expand Down
Loading