more robust error handling

telkomdev · Sep 5, 2023 · 948c44e · 948c44e
1 parent 8333602
commit 948c44e
Show file tree

Hide file tree

Showing 2 changed files with 33 additions and 1 deletion.
diff --git a/crypsi_mysqludf.c b/crypsi_mysqludf.c
@@ -152,6 +152,7 @@ char* mcrypsi_aes_128_gcm_encrypt(UDF_INIT* initid, UDF_ARGS* args, char* result
     unsigned long* length, char* is_null, char* error) {
     unsigned char* dst = (unsigned char*) initid->ptr;
     int ret = 0;
+    *length = 0;
     *is_null = 0;
     *error = 0;
     char* input_key = args->args[0];
@@ -161,6 +162,7 @@ char* mcrypsi_aes_128_gcm_encrypt(UDF_INIT* initid, UDF_ARGS* args, char* result
     int dst_size = 0;
     ret = crypsi_aes_128_gcm_encrypt(input_key, input_text, text_size, &dst, &dst_size);
     if (ret != 0) {
+        *is_null = 1;
         *error = 1;
         return NULL;
     }
@@ -197,6 +199,7 @@ char* mcrypsi_aes_128_gcm_decrypt(UDF_INIT* initid, UDF_ARGS* args, char* result
     unsigned long* length, char* is_null, char* error) {
     unsigned char* dst = (unsigned char*) initid->ptr;
     int ret = 0;
+    *length = 0;
     *is_null = 0;
     *error = 0;
     char* input_key = args->args[0];
@@ -206,6 +209,7 @@ char* mcrypsi_aes_128_gcm_decrypt(UDF_INIT* initid, UDF_ARGS* args, char* result
     int dst_size = 0;
     ret = crypsi_aes_128_gcm_decrypt(input_key, input_text, text_size, &dst, &dst_size);
     if (ret != 0) {
+        *is_null = 1;
         *error = 1;
         return NULL;
     }
@@ -242,6 +246,7 @@ char* mcrypsi_aes_192_gcm_encrypt(UDF_INIT* initid, UDF_ARGS* args, char* result
     unsigned long* length, char* is_null, char* error) {
     unsigned char* dst = (unsigned char*) initid->ptr;
     int ret = 0;
+    *length = 0;
     *is_null = 0;
     *error = 0;
     char* input_key = args->args[0];
@@ -251,6 +256,7 @@ char* mcrypsi_aes_192_gcm_encrypt(UDF_INIT* initid, UDF_ARGS* args, char* result
     int dst_size = 0;
     ret = crypsi_aes_192_gcm_encrypt(input_key, input_text, text_size, &dst, &dst_size);
     if (ret != 0) {
+        *is_null = 1;
         *error = 1;
         return NULL;
     }
@@ -287,6 +293,7 @@ char* mcrypsi_aes_192_gcm_decrypt(UDF_INIT* initid, UDF_ARGS* args, char* result
     unsigned long* length, char* is_null, char* error) {
     unsigned char* dst = (unsigned char*) initid->ptr;
     int ret = 0;
+    *length = 0;
     *is_null = 0;
     *error = 0;
     char* input_key = args->args[0];
@@ -296,6 +303,7 @@ char* mcrypsi_aes_192_gcm_decrypt(UDF_INIT* initid, UDF_ARGS* args, char* result
     int dst_size = 0;
     ret = crypsi_aes_192_gcm_decrypt(input_key, input_text, text_size, &dst, &dst_size);
     if (ret != 0) {
+        *is_null = 1;
         *error = 1;
         return NULL;
     }
@@ -332,6 +340,7 @@ char* mcrypsi_aes_256_gcm_encrypt(UDF_INIT* initid, UDF_ARGS* args, char* result
     unsigned long* length, char* is_null, char* error) {
     unsigned char* dst = (unsigned char*) initid->ptr;
     int ret = 0;
+    *length = 0;
     *is_null = 0;
     *error = 0;
     char* input_key = args->args[0];
@@ -341,6 +350,7 @@ char* mcrypsi_aes_256_gcm_encrypt(UDF_INIT* initid, UDF_ARGS* args, char* result
     int dst_size = 0;
     ret = crypsi_aes_256_gcm_encrypt(input_key, input_text, text_size, &dst, &dst_size);
     if (ret != 0) {
+        *is_null = 1;
         *error = 1;
         return NULL;
     }
@@ -377,6 +387,7 @@ char* mcrypsi_aes_256_gcm_decrypt(UDF_INIT* initid, UDF_ARGS* args, char* result
     unsigned long* length, char* is_null, char* error) {
     unsigned char* dst = (unsigned char*) initid->ptr;
     int ret = 0;
+    *length = 0;
     *is_null = 0;
     *error = 0;
     char* input_key = args->args[0];
@@ -386,6 +397,7 @@ char* mcrypsi_aes_256_gcm_decrypt(UDF_INIT* initid, UDF_ARGS* args, char* result
     int dst_size = 0;
     ret = crypsi_aes_256_gcm_decrypt(input_key, input_text, text_size, &dst, &dst_size);
     if (ret != 0) {
+        *is_null = 1;
         *error = 1;
         return NULL;
     }
@@ -422,6 +434,7 @@ char* mcrypsi_hmac_md5(UDF_INIT* initid, UDF_ARGS* args, char* result,
     unsigned long* length, char* is_null, char* error) {
     unsigned char* dst = (unsigned char*) initid->ptr;
     int ret = 0;
+    *length = 0;
     *is_null = 0;
     *error = 0;
     char* input_key = args->args[0];
@@ -431,6 +444,7 @@ char* mcrypsi_hmac_md5(UDF_INIT* initid, UDF_ARGS* args, char* result,
     int dst_size = 0;
     ret = crypsi_hmac_md5(input_key, input_text, text_size, &dst, &dst_size);
     if (ret != 0) {
+        *is_null = 1;
         *error = 1;
         return NULL;
     }
@@ -467,6 +481,7 @@ char* mcrypsi_hmac_sha1(UDF_INIT* initid, UDF_ARGS* args, char* result,
     unsigned long* length, char* is_null, char* error) {
     unsigned char* dst = (unsigned char*) initid->ptr;
     int ret = 0;
+    *length = 0;
     *is_null = 0;
     *error = 0;
     char* input_key = args->args[0];
@@ -476,6 +491,7 @@ char* mcrypsi_hmac_sha1(UDF_INIT* initid, UDF_ARGS* args, char* result,
     int dst_size = 0;
     ret = crypsi_hmac_sha1(input_key, input_text, text_size, &dst, &dst_size);
     if (ret != 0) {
+        *is_null = 1;
         *error = 1;
         return NULL;
     }
@@ -512,6 +528,7 @@ char* mcrypsi_hmac_sha256(UDF_INIT* initid, UDF_ARGS* args, char* result,
     unsigned long* length, char* is_null, char* error) {
     unsigned char* dst = (unsigned char*) initid->ptr;
     int ret = 0;
+    *length = 0;
     *is_null = 0;
     *error = 0;
     char* input_key = args->args[0];
@@ -521,6 +538,7 @@ char* mcrypsi_hmac_sha256(UDF_INIT* initid, UDF_ARGS* args, char* result,
     int dst_size = 0;
     ret = crypsi_hmac_sha256(input_key, input_text, text_size, &dst, &dst_size);
     if (ret != 0) {
+        *is_null = 1;
         *error = 1;
         return NULL;
     }
@@ -557,6 +575,7 @@ char* mcrypsi_hmac_sha384(UDF_INIT* initid, UDF_ARGS* args, char* result,
     unsigned long* length, char* is_null, char* error) {
     unsigned char* dst = (unsigned char*) initid->ptr;
     int ret = 0;
+    *length = 0;
     *is_null = 0;
     *error = 0;
     char* input_key = args->args[0];
@@ -566,6 +585,7 @@ char* mcrypsi_hmac_sha384(UDF_INIT* initid, UDF_ARGS* args, char* result,
     int dst_size = 0;
     ret = crypsi_hmac_sha384(input_key, input_text, text_size, &dst, &dst_size);
     if (ret != 0) {
+        *is_null = 1;
         *error = 1;
         return NULL;
     }
@@ -602,6 +622,7 @@ char* mcrypsi_hmac_sha512(UDF_INIT* initid, UDF_ARGS* args, char* result,
     unsigned long* length, char* is_null, char* error) {
     unsigned char* dst = (unsigned char*) initid->ptr;
     int ret = 0;
+    *length = 0;
     *is_null = 0;
     *error = 0;
     char* input_key = args->args[0];
@@ -611,6 +632,7 @@ char* mcrypsi_hmac_sha512(UDF_INIT* initid, UDF_ARGS* args, char* result,
     int dst_size = 0;
     ret = crypsi_hmac_sha512(input_key, input_text, text_size, &dst, &dst_size);
     if (ret != 0) {
+        *is_null = 1;
         *error = 1;
         return NULL;
     }

diff --git a/scripts/test.sql b/scripts/test.sql
@@ -48,4 +48,14 @@ select mcrypsi_aes_192_gcm_encrypt('abc$#128djdyAgbjau&YAnmc', 'hello world') as
 select 'hello worldie' != mcrypsi_aes_192_gcm_decrypt('abc$#128djdyAgbjau&YAnmc', mcrypsi_aes_192_gcm_encrypt('abc$#128djdyAgbjau&YAnmc', 'hello world')) as res_mcrypsi_aes_192_gcm_encrypt_invalid;
 
 select mcrypsi_aes_256_gcm_encrypt('abc$#128djdyAgbjau&YAnmcbagryt5x', 'hello world') as res;
-select 'hello worldie' != mcrypsi_aes_256_gcm_decrypt('abc$#128djdyAgbjau&YAnmcbagryt5x', mcrypsi_aes_256_gcm_encrypt('abc$#128djdyAgbjau&YAnmcbagryt5x', 'hello world')) as res_mcrypsi_aes_256_gcm_encrypt_invalid;
+select 'hello worldie' != mcrypsi_aes_256_gcm_decrypt('abc$#128djdyAgbjau&YAnmcbagryt5x', mcrypsi_aes_256_gcm_encrypt('abc$#128djdyAgbjau&YAnmcbagryt5x', 'hello world')) as res_mcrypsi_aes_256_gcm_encrypt_invalid;
+
+-- AES with invalid key size --
+select mcrypsi_aes_128_gcm_encrypt('abc$#', 'hello world') as res;
+select 0 = (mcrypsi_aes_128_gcm_encrypt('abc$#', 'hello world') is not null) as res_mcrypsi_aes_128_gcm_encrypt_invalid_key;
+
+select mcrypsi_aes_192_gcm_encrypt('abc$#', 'hello world') as res;
+select 0 = (mcrypsi_aes_192_gcm_encrypt('abc$#', 'hello world') is not null) as res_mcrypsi_aes_192_gcm_encrypt_invalid_key;
+
+select mcrypsi_aes_256_gcm_encrypt('abc$#', 'hello world') as res;
+select 0 = (mcrypsi_aes_256_gcm_encrypt('abc$#', 'hello world') is not null) as res_mcrypsi_aes_256_gcm_encrypt_invalid_key;