From 948c44ec9d1f809b271e97885513da9d210e2b39 Mon Sep 17 00:00:00 2001 From: wuriyanto Date: Tue, 5 Sep 2023 14:38:20 +0700 Subject: [PATCH] more robust error handling --- crypsi_mysqludf.c | 22 ++++++++++++++++++++++ scripts/test.sql | 12 +++++++++++- 2 files changed, 33 insertions(+), 1 deletion(-) diff --git a/crypsi_mysqludf.c b/crypsi_mysqludf.c index 2d21e00..42e675d 100644 --- a/crypsi_mysqludf.c +++ b/crypsi_mysqludf.c @@ -152,6 +152,7 @@ char* mcrypsi_aes_128_gcm_encrypt(UDF_INIT* initid, UDF_ARGS* args, char* result unsigned long* length, char* is_null, char* error) { unsigned char* dst = (unsigned char*) initid->ptr; int ret = 0; + *length = 0; *is_null = 0; *error = 0; char* input_key = args->args[0]; @@ -161,6 +162,7 @@ char* mcrypsi_aes_128_gcm_encrypt(UDF_INIT* initid, UDF_ARGS* args, char* result int dst_size = 0; ret = crypsi_aes_128_gcm_encrypt(input_key, input_text, text_size, &dst, &dst_size); if (ret != 0) { + *is_null = 1; *error = 1; return NULL; } @@ -197,6 +199,7 @@ char* mcrypsi_aes_128_gcm_decrypt(UDF_INIT* initid, UDF_ARGS* args, char* result unsigned long* length, char* is_null, char* error) { unsigned char* dst = (unsigned char*) initid->ptr; int ret = 0; + *length = 0; *is_null = 0; *error = 0; char* input_key = args->args[0]; @@ -206,6 +209,7 @@ char* mcrypsi_aes_128_gcm_decrypt(UDF_INIT* initid, UDF_ARGS* args, char* result int dst_size = 0; ret = crypsi_aes_128_gcm_decrypt(input_key, input_text, text_size, &dst, &dst_size); if (ret != 0) { + *is_null = 1; *error = 1; return NULL; } @@ -242,6 +246,7 @@ char* mcrypsi_aes_192_gcm_encrypt(UDF_INIT* initid, UDF_ARGS* args, char* result unsigned long* length, char* is_null, char* error) { unsigned char* dst = (unsigned char*) initid->ptr; int ret = 0; + *length = 0; *is_null = 0; *error = 0; char* input_key = args->args[0]; @@ -251,6 +256,7 @@ char* mcrypsi_aes_192_gcm_encrypt(UDF_INIT* initid, UDF_ARGS* args, char* result int dst_size = 0; ret = crypsi_aes_192_gcm_encrypt(input_key, input_text, text_size, &dst, &dst_size); if (ret != 0) { + *is_null = 1; *error = 1; return NULL; } @@ -287,6 +293,7 @@ char* mcrypsi_aes_192_gcm_decrypt(UDF_INIT* initid, UDF_ARGS* args, char* result unsigned long* length, char* is_null, char* error) { unsigned char* dst = (unsigned char*) initid->ptr; int ret = 0; + *length = 0; *is_null = 0; *error = 0; char* input_key = args->args[0]; @@ -296,6 +303,7 @@ char* mcrypsi_aes_192_gcm_decrypt(UDF_INIT* initid, UDF_ARGS* args, char* result int dst_size = 0; ret = crypsi_aes_192_gcm_decrypt(input_key, input_text, text_size, &dst, &dst_size); if (ret != 0) { + *is_null = 1; *error = 1; return NULL; } @@ -332,6 +340,7 @@ char* mcrypsi_aes_256_gcm_encrypt(UDF_INIT* initid, UDF_ARGS* args, char* result unsigned long* length, char* is_null, char* error) { unsigned char* dst = (unsigned char*) initid->ptr; int ret = 0; + *length = 0; *is_null = 0; *error = 0; char* input_key = args->args[0]; @@ -341,6 +350,7 @@ char* mcrypsi_aes_256_gcm_encrypt(UDF_INIT* initid, UDF_ARGS* args, char* result int dst_size = 0; ret = crypsi_aes_256_gcm_encrypt(input_key, input_text, text_size, &dst, &dst_size); if (ret != 0) { + *is_null = 1; *error = 1; return NULL; } @@ -377,6 +387,7 @@ char* mcrypsi_aes_256_gcm_decrypt(UDF_INIT* initid, UDF_ARGS* args, char* result unsigned long* length, char* is_null, char* error) { unsigned char* dst = (unsigned char*) initid->ptr; int ret = 0; + *length = 0; *is_null = 0; *error = 0; char* input_key = args->args[0]; @@ -386,6 +397,7 @@ char* mcrypsi_aes_256_gcm_decrypt(UDF_INIT* initid, UDF_ARGS* args, char* result int dst_size = 0; ret = crypsi_aes_256_gcm_decrypt(input_key, input_text, text_size, &dst, &dst_size); if (ret != 0) { + *is_null = 1; *error = 1; return NULL; } @@ -422,6 +434,7 @@ char* mcrypsi_hmac_md5(UDF_INIT* initid, UDF_ARGS* args, char* result, unsigned long* length, char* is_null, char* error) { unsigned char* dst = (unsigned char*) initid->ptr; int ret = 0; + *length = 0; *is_null = 0; *error = 0; char* input_key = args->args[0]; @@ -431,6 +444,7 @@ char* mcrypsi_hmac_md5(UDF_INIT* initid, UDF_ARGS* args, char* result, int dst_size = 0; ret = crypsi_hmac_md5(input_key, input_text, text_size, &dst, &dst_size); if (ret != 0) { + *is_null = 1; *error = 1; return NULL; } @@ -467,6 +481,7 @@ char* mcrypsi_hmac_sha1(UDF_INIT* initid, UDF_ARGS* args, char* result, unsigned long* length, char* is_null, char* error) { unsigned char* dst = (unsigned char*) initid->ptr; int ret = 0; + *length = 0; *is_null = 0; *error = 0; char* input_key = args->args[0]; @@ -476,6 +491,7 @@ char* mcrypsi_hmac_sha1(UDF_INIT* initid, UDF_ARGS* args, char* result, int dst_size = 0; ret = crypsi_hmac_sha1(input_key, input_text, text_size, &dst, &dst_size); if (ret != 0) { + *is_null = 1; *error = 1; return NULL; } @@ -512,6 +528,7 @@ char* mcrypsi_hmac_sha256(UDF_INIT* initid, UDF_ARGS* args, char* result, unsigned long* length, char* is_null, char* error) { unsigned char* dst = (unsigned char*) initid->ptr; int ret = 0; + *length = 0; *is_null = 0; *error = 0; char* input_key = args->args[0]; @@ -521,6 +538,7 @@ char* mcrypsi_hmac_sha256(UDF_INIT* initid, UDF_ARGS* args, char* result, int dst_size = 0; ret = crypsi_hmac_sha256(input_key, input_text, text_size, &dst, &dst_size); if (ret != 0) { + *is_null = 1; *error = 1; return NULL; } @@ -557,6 +575,7 @@ char* mcrypsi_hmac_sha384(UDF_INIT* initid, UDF_ARGS* args, char* result, unsigned long* length, char* is_null, char* error) { unsigned char* dst = (unsigned char*) initid->ptr; int ret = 0; + *length = 0; *is_null = 0; *error = 0; char* input_key = args->args[0]; @@ -566,6 +585,7 @@ char* mcrypsi_hmac_sha384(UDF_INIT* initid, UDF_ARGS* args, char* result, int dst_size = 0; ret = crypsi_hmac_sha384(input_key, input_text, text_size, &dst, &dst_size); if (ret != 0) { + *is_null = 1; *error = 1; return NULL; } @@ -602,6 +622,7 @@ char* mcrypsi_hmac_sha512(UDF_INIT* initid, UDF_ARGS* args, char* result, unsigned long* length, char* is_null, char* error) { unsigned char* dst = (unsigned char*) initid->ptr; int ret = 0; + *length = 0; *is_null = 0; *error = 0; char* input_key = args->args[0]; @@ -611,6 +632,7 @@ char* mcrypsi_hmac_sha512(UDF_INIT* initid, UDF_ARGS* args, char* result, int dst_size = 0; ret = crypsi_hmac_sha512(input_key, input_text, text_size, &dst, &dst_size); if (ret != 0) { + *is_null = 1; *error = 1; return NULL; } diff --git a/scripts/test.sql b/scripts/test.sql index 09d5e1a..3a4aa3c 100644 --- a/scripts/test.sql +++ b/scripts/test.sql @@ -48,4 +48,14 @@ select mcrypsi_aes_192_gcm_encrypt('abc$#128djdyAgbjau&YAnmc', 'hello world') as select 'hello worldie' != mcrypsi_aes_192_gcm_decrypt('abc$#128djdyAgbjau&YAnmc', mcrypsi_aes_192_gcm_encrypt('abc$#128djdyAgbjau&YAnmc', 'hello world')) as res_mcrypsi_aes_192_gcm_encrypt_invalid; select mcrypsi_aes_256_gcm_encrypt('abc$#128djdyAgbjau&YAnmcbagryt5x', 'hello world') as res; -select 'hello worldie' != mcrypsi_aes_256_gcm_decrypt('abc$#128djdyAgbjau&YAnmcbagryt5x', mcrypsi_aes_256_gcm_encrypt('abc$#128djdyAgbjau&YAnmcbagryt5x', 'hello world')) as res_mcrypsi_aes_256_gcm_encrypt_invalid; \ No newline at end of file +select 'hello worldie' != mcrypsi_aes_256_gcm_decrypt('abc$#128djdyAgbjau&YAnmcbagryt5x', mcrypsi_aes_256_gcm_encrypt('abc$#128djdyAgbjau&YAnmcbagryt5x', 'hello world')) as res_mcrypsi_aes_256_gcm_encrypt_invalid; + +-- AES with invalid key size -- +select mcrypsi_aes_128_gcm_encrypt('abc$#', 'hello world') as res; +select 0 = (mcrypsi_aes_128_gcm_encrypt('abc$#', 'hello world') is not null) as res_mcrypsi_aes_128_gcm_encrypt_invalid_key; + +select mcrypsi_aes_192_gcm_encrypt('abc$#', 'hello world') as res; +select 0 = (mcrypsi_aes_192_gcm_encrypt('abc$#', 'hello world') is not null) as res_mcrypsi_aes_192_gcm_encrypt_invalid_key; + +select mcrypsi_aes_256_gcm_encrypt('abc$#', 'hello world') as res; +select 0 = (mcrypsi_aes_256_gcm_encrypt('abc$#', 'hello world') is not null) as res_mcrypsi_aes_256_gcm_encrypt_invalid_key; \ No newline at end of file