-
Notifications
You must be signed in to change notification settings - Fork 0
/
pg_ff3.sql
402 lines (325 loc) · 10.7 KB
/
pg_ff3.sql
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
-- complain if script is sourced in psql, rather than via CREATE EXTENSION
\echo Use "CREATE EXTENSION pg_ff3" to load this file. \quit
DO $$
BEGIN
IF pg_catalog.current_setting('ff3.group') IS NULL OR
pg_catalog.current_setting('ff3.group') = ''
THEN
RAISE EXCEPTION '% must be set', pg_catalog.current_setting('ff3.group')
USING DETAIL = 'The group where members see pseudonymized IDs is not set.',
HINT = 'Add ff3.group = ''...'' in postgresql.conf to chosen existing group.';
END IF;
END;
$$;
CREATE SCHEMA ff3;
CREATE SEQUENCE ff3.keys_seq;
CREATE TABLE ff3.keys (
id integer PRIMARY KEY DEFAULT pg_catalog.nextval('ff3.keys_seq'),
key bytea NOT NULL CHECK(length(key) = 32), -- 256 bits
tweak bytea NOT NULL CHECK(length(tweak) = 7), -- 56 bits for FF3-1
alphabet varchar(255) NOT NULL DEFAULT '0123456789' CHECK(length(alphabet) >=2),
-- AND length(alphabet) <=255,
is_enabled boolean NOT NULL DEFAULT TRUE,
comment text,
UNIQUE(key,tweak,alphabet,is_enabled),
-- auditing
created_by text NOT NULL DEFAULT CURRENT_USER,
created_at timestamp(6) with time zone NOT NULL DEFAULT now(),
edited_by text NOT NULL DEFAULT CURRENT_USER,
edited_at timestamp(6) with time zone NOT NULL DEFAULT now()
);
-- GRANT SELECT ON ff3.keys TO public;
ALTER TABLE ff3.keys ENABLE ROW LEVEL SECURITY;
CREATE POLICY ff3_keys_policy ON ff3.keys USING (created_by = current_user);
-- ########################
-- Pseudo Int8 Type
-- ########################
CREATE FUNCTION ff3.int8in(cstring)
RETURNS ff3.int8
AS 'MODULE_PATHNAME', 'pg_ff3_int8in'
LANGUAGE C IMMUTABLE STRICT;
CREATE FUNCTION ff3.int8out(ff3.int8)
RETURNS cstring
AS 'MODULE_PATHNAME', 'pg_ff3_int8out'
LANGUAGE C IMMUTABLE STRICT;
CREATE FUNCTION ff3.int8recv(internal)
RETURNS ff3.int8
AS 'MODULE_PATHNAME', 'pg_ff3_int8recv'
LANGUAGE C IMMUTABLE STRICT;
CREATE FUNCTION ff3.int8send(ff3.int8)
RETURNS bytea
AS 'MODULE_PATHNAME', 'pg_ff3_int8send'
LANGUAGE C IMMUTABLE STRICT;
CREATE TYPE ff3.int8 (
input = ff3.int8in,
output = ff3.int8out,
send = ff3.int8send,
receive = ff3.int8recv,
LIKE = int8,
category = 'N',
COLLATABLE = false
);
CREATE FUNCTION ff3.int48(v int4)
RETURNS ff3.int8
-- AS 'SELECT v::bigint::ff3.int8;'
-- LANGUAGE SQL IMMUTABLE STRICT;
AS 'MODULE_PATHNAME', 'pg_ff3_int48'
LANGUAGE C IMMUTABLE STRICT;
--CREATE CAST (int2 AS ff3.int8) WITHOUT FUNCTION AS IMPLICIT;
CREATE CAST (int4 AS ff3.int8) WITH FUNCTION ff3.int48 AS IMPLICIT;
CREATE CAST (int8 AS ff3.int8) WITHOUT FUNCTION AS IMPLICIT;
CREATE CAST (ff3.int8 AS int8) WITHOUT FUNCTION AS IMPLICIT;
-- We can't guarantee that the postgres non-negative int64 in base-10 won't be encrypted into another
-- base-10 number that fits the range of int64. Moreover, we don't want to encrypt into negative numbers.
-- Postgres numeric values are signed.
--
-- max bigint is 9223372036854775807 = 2^63-1 = (~0) >> 1
-- In base 10, max bigint is 19 chars long = (MAXINT8LEN - 1) (ignoring negative numbers)
--
-- Therefore, we choose to limit the encryptable number to a digit less, ie MAXBIGINT / 10.
-- (that is, 18 nines)
--
CREATE DOMAIN ff3.int8domain AS ff3.int8 CHECK( VALUE::int8 >= 0 AND VALUE::int8 < 999999999999999999);
CREATE FUNCTION ff3.eq(ff3.int8, ff3.int8)
RETURNS boolean
AS 'MODULE_PATHNAME', 'pg_ff3_int8_eq'
LANGUAGE C IMMUTABLE STRICT;
CREATE FUNCTION ff3.lt(ff3.int8, ff3.int8)
RETURNS boolean
AS 'MODULE_PATHNAME', 'pg_ff3_int8_lt'
LANGUAGE C IMMUTABLE STRICT;
CREATE FUNCTION ff3.gt(ff3.int8, ff3.int8)
RETURNS boolean
AS 'MODULE_PATHNAME', 'pg_ff3_int8_gt'
LANGUAGE C IMMUTABLE STRICT;
CREATE FUNCTION ff3.le(ff3.int8, ff3.int8)
RETURNS boolean
AS 'MODULE_PATHNAME', 'pg_ff3_int8_le'
LANGUAGE C IMMUTABLE STRICT;
CREATE FUNCTION ff3.ge(ff3.int8, ff3.int8)
RETURNS boolean
AS 'MODULE_PATHNAME', 'pg_ff3_int8_ge'
LANGUAGE C IMMUTABLE STRICT;
CREATE FUNCTION ff3.cmp(ff3.int8, ff3.int8)
RETURNS int
AS 'MODULE_PATHNAME', 'pg_ff3_int8_cmp'
LANGUAGE C IMMUTABLE STRICT;
------------------------
CREATE FUNCTION ff3.eq(ff3.int8, int8)
RETURNS boolean
AS 'MODULE_PATHNAME', 'pg_ff3_int8_eq'
LANGUAGE C IMMUTABLE STRICT;
CREATE FUNCTION ff3.lt(ff3.int8, int8)
RETURNS boolean
AS 'MODULE_PATHNAME', 'pg_ff3_int8_lt'
LANGUAGE C IMMUTABLE STRICT;
CREATE FUNCTION ff3.gt(ff3.int8, int8)
RETURNS boolean
AS 'MODULE_PATHNAME', 'pg_ff3_int8_gt'
LANGUAGE C IMMUTABLE STRICT;
CREATE FUNCTION ff3.le(ff3.int8, int8)
RETURNS boolean
AS 'MODULE_PATHNAME', 'pg_ff3_int8_le'
LANGUAGE C IMMUTABLE STRICT;
CREATE FUNCTION ff3.ge(ff3.int8, int8)
RETURNS boolean
AS 'MODULE_PATHNAME', 'pg_ff3_int8_ge'
LANGUAGE C IMMUTABLE STRICT;
CREATE FUNCTION ff3.cmp(ff3.int8, int8)
RETURNS int
AS 'MODULE_PATHNAME', 'pg_ff3_int8_cmp'
LANGUAGE C IMMUTABLE STRICT;
------------------------
CREATE FUNCTION ff3.eq(int8, ff3.int8)
RETURNS boolean
AS 'MODULE_PATHNAME', 'pg_ff3_int8_eq'
LANGUAGE C IMMUTABLE STRICT;
CREATE FUNCTION ff3.lt(int8, ff3.int8)
RETURNS boolean
AS 'MODULE_PATHNAME', 'pg_ff3_int8_lt'
LANGUAGE C IMMUTABLE STRICT;
CREATE FUNCTION ff3.gt(int8, ff3.int8)
RETURNS boolean
AS 'MODULE_PATHNAME', 'pg_ff3_int8_gt'
LANGUAGE C IMMUTABLE STRICT;
CREATE FUNCTION ff3.le(int8, ff3.int8)
RETURNS boolean
AS 'MODULE_PATHNAME', 'pg_ff3_int8_le'
LANGUAGE C IMMUTABLE STRICT;
CREATE FUNCTION ff3.ge(int8, ff3.int8)
RETURNS boolean
AS 'MODULE_PATHNAME', 'pg_ff3_int8_ge'
LANGUAGE C IMMUTABLE STRICT;
CREATE FUNCTION ff3.cmp(int8, ff3.int8)
RETURNS int
AS 'MODULE_PATHNAME', 'pg_ff3_int8_cmp'
LANGUAGE C IMMUTABLE STRICT;
------------------------
CREATE FUNCTION ff3.sortsupport(internal)
RETURNS void
AS 'MODULE_PATHNAME', 'pg_ff3_int8_sortsupport'
LANGUAGE C IMMUTABLE STRICT;
------------------------
CREATE OPERATOR < (
LEFTARG = ff3.int8, RIGHTARG = ff3.int8,
FUNCTION = ff3.lt,
COMMUTATOR = >, NEGATOR = >=,
HASHES, MERGES
);
CREATE OPERATOR < (
LEFTARG = int8, RIGHTARG = ff3.int8,
FUNCTION = ff3.lt,
COMMUTATOR = >, NEGATOR = >=,
HASHES, MERGES
);
CREATE OPERATOR < (
LEFTARG = ff3.int8, RIGHTARG = int8,
FUNCTION = ff3.lt,
COMMUTATOR = >, NEGATOR = >=,
HASHES, MERGES
);
CREATE OPERATOR <= (
LEFTARG = ff3.int8, RIGHTARG = ff3.int8,
FUNCTION = ff3.le,
COMMUTATOR = >=, NEGATOR = >,
HASHES, MERGES
);
CREATE OPERATOR <= (
LEFTARG = int8, RIGHTARG = ff3.int8,
FUNCTION = ff3.le,
COMMUTATOR = >=, NEGATOR = >,
HASHES, MERGES
);
CREATE OPERATOR <= (
LEFTARG = ff3.int8, RIGHTARG = int8,
FUNCTION = ff3.le,
COMMUTATOR = >=, NEGATOR = >,
HASHES, MERGES
);
CREATE OPERATOR = (
LEFTARG = ff3.int8, RIGHTARG = ff3.int8,
FUNCTION = ff3.eq,
COMMUTATOR = =, NEGATOR = !=,
HASHES, MERGES
);
CREATE OPERATOR = (
LEFTARG = int8, RIGHTARG = ff3.int8,
FUNCTION = ff3.eq,
COMMUTATOR = =, NEGATOR = !=,
HASHES, MERGES
);
CREATE OPERATOR = (
LEFTARG = ff3.int8, RIGHTARG = int8,
FUNCTION = ff3.eq,
COMMUTATOR = =, NEGATOR = !=,
HASHES, MERGES
);
CREATE OPERATOR >= (
LEFTARG = ff3.int8, RIGHTARG = ff3.int8,
FUNCTION = ff3.ge,
COMMUTATOR = <=, NEGATOR = <,
HASHES, MERGES
);
CREATE OPERATOR >= (
LEFTARG = int8, RIGHTARG = ff3.int8,
FUNCTION = ff3.ge,
COMMUTATOR = <=, NEGATOR = <,
HASHES, MERGES
);
CREATE OPERATOR >= (
LEFTARG = ff3.int8, RIGHTARG = int8,
FUNCTION = ff3.ge,
COMMUTATOR = <=, NEGATOR = <,
HASHES, MERGES
);
CREATE OPERATOR > (
LEFTARG = ff3.int8, RIGHTARG = ff3.int8,
FUNCTION = ff3.gt,
COMMUTATOR = <, NEGATOR = <=,
HASHES, MERGES
);
CREATE OPERATOR > (
LEFTARG = int8, RIGHTARG = ff3.int8,
FUNCTION = ff3.gt,
COMMUTATOR = >, NEGATOR = <=,
HASHES, MERGES
);
CREATE OPERATOR > (
LEFTARG = ff3.int8, RIGHTARG = int8,
FUNCTION = ff3.gt,
COMMUTATOR = >, NEGATOR = <=,
HASHES, MERGES
);
CREATE OPERATOR CLASS ff3_int8_ops
DEFAULT FOR TYPE ff3.int8 USING btree FAMILY integer_ops AS
OPERATOR 1 < (ff3.int8, ff3.int8) ,
OPERATOR 2 <= (ff3.int8, ff3.int8) ,
OPERATOR 3 = (ff3.int8, ff3.int8) ,
OPERATOR 4 >= (ff3.int8, ff3.int8) ,
OPERATOR 5 > (ff3.int8, ff3.int8) ,
FUNCTION 1 ff3.cmp (ff3.int8, ff3.int8) ,
FUNCTION 2 ff3.sortsupport(internal),
-- cross-type comparisons ff3.int8 vs int8
OPERATOR 1 < (ff3.int8, int8) ,
OPERATOR 2 <= (ff3.int8, int8) ,
OPERATOR 3 = (ff3.int8, int8) ,
OPERATOR 4 >= (ff3.int8, int8) ,
OPERATOR 5 > (ff3.int8, int8) ,
FUNCTION 1 ff3.cmp (ff3.int8, int8) ,
-- cross-type comparisons int8 vs ff3.int8
OPERATOR 1 < (int8, ff3.int8) ,
OPERATOR 2 <= (int8, ff3.int8) ,
OPERATOR 3 = (int8, ff3.int8) ,
OPERATOR 4 >= (int8, ff3.int8) ,
OPERATOR 5 > (int8, ff3.int8) ,
FUNCTION 1 ff3.cmp (int8, ff3.int8)
;
-- ########################
-- Main functions
-- ########################
CREATE FUNCTION ff3.encrypt(key_id integer, value text)
RETURNS text
AS 'MODULE_PATHNAME', 'pg_ff3_encrypt'
LANGUAGE C IMMUTABLE; -- Don't make it STRICT
COMMENT ON FUNCTION ff3.encrypt(integer,text) IS 'pseudonymize the text using the given key criteria';
CREATE FUNCTION ff3.decrypt(key_id integer, value text)
RETURNS text
AS 'MODULE_PATHNAME', 'pg_ff3_decrypt'
LANGUAGE C IMMUTABLE; -- Don't make it STRICT
COMMENT ON FUNCTION ff3.decrypt(integer,text) IS 'reverse the pseudonymization of the text using the given key criteria';
CREATE FUNCTION ff3.reidentify(username text, value int8)
RETURNS int8
AS 'MODULE_PATHNAME', 'pg_ff3_reidentify'
LANGUAGE C IMMUTABLE; -- Don't make it STRICT
COMMENT ON FUNCTION ff3.reidentify(text,int8) IS 'reverse the pseudonymization of the text for the given user';
-- ########################
-- Utilities
-- ########################
CREATE FUNCTION ff3.rebuild_cache()
RETURNS void
LANGUAGE C
AS 'MODULE_PATHNAME', 'pg_ff3_rebuild_cache';
CREATE FUNCTION ff3.invalidate_cache()
RETURNS trigger
LANGUAGE C
AS 'MODULE_PATHNAME', 'pg_ff3_invalidate_cache_trigger';
COMMENT ON FUNCTION ff3.invalidate_cache() IS 'invalidate the engine list';
CREATE TRIGGER ff3_invalidate_cache
AFTER INSERT OR UPDATE OR DELETE OR TRUNCATE
ON ff3.keys
FOR STATEMENT EXECUTE PROCEDURE ff3.invalidate_cache();
CREATE FUNCTION ff3.update_edited_columns()
RETURNS trigger
LANGUAGE 'plpgsql'
AS $BODY$
BEGIN
NEW.edited_at = now();
NEW.edited_by_db_user = current_user;
RETURN NEW;
END;
$BODY$;
CREATE TRIGGER ff3_keys_update_edited_columns
BEFORE UPDATE ON ff3.keys
FOR EACH ROW EXECUTE PROCEDURE ff3.update_edited_columns();
SELECT pg_catalog.pg_extension_config_dump('ff3.keys', '');
SELECT pg_catalog.pg_extension_config_dump('ff3.keys_seq', '');