#include "pgsodium.h" PG_FUNCTION_INFO_V1(pgsodium_crypto_secretbox_keygen); Datum pgsodium_crypto_secretbox_keygen(PG_FUNCTION_ARGS) { size_t result_size = VARHDRSZ + crypto_secretbox_KEYBYTES; bytea *result = _pgsodium_zalloc_bytea(result_size); crypto_secretbox_keygen(PGSODIUM_UCHARDATA(result)); PG_RETURN_BYTEA_P(result); } PG_FUNCTION_INFO_V1(pgsodium_crypto_secretbox_noncegen); Datum pgsodium_crypto_secretbox_noncegen(PG_FUNCTION_ARGS) { int result_size = VARHDRSZ + crypto_secretbox_NONCEBYTES; bytea *result = _pgsodium_zalloc_bytea(result_size); randombytes_buf(VARDATA(result), crypto_secretbox_NONCEBYTES); PG_RETURN_BYTEA_P(result); } PG_FUNCTION_INFO_V1(pgsodium_crypto_secretbox); Datum pgsodium_crypto_secretbox(PG_FUNCTION_ARGS) { bytea *message = PG_GETARG_BYTEA_P(0); bytea *nonce = PG_GETARG_BYTEA_P(1); bytea *key = PG_GETARG_BYTEA_P(2); size_t result_size; bytea *result; ERRORIF(VARSIZE_ANY_EXHDR(nonce) != crypto_secretbox_NONCEBYTES, "%s: invalid nonce"); ERRORIF(VARSIZE_ANY_EXHDR(key) != crypto_secretbox_KEYBYTES, "%s: invalid key"); result_size = crypto_secretbox_MACBYTES + VARSIZE_ANY(message); result = _pgsodium_zalloc_bytea(result_size); crypto_secretbox_easy(PGSODIUM_UCHARDATA(result), PGSODIUM_UCHARDATA(message), VARSIZE_ANY_EXHDR(message), PGSODIUM_UCHARDATA(nonce), PGSODIUM_UCHARDATA(key)); PG_RETURN_BYTEA_P(result); } PG_FUNCTION_INFO_V1(pgsodium_crypto_secretbox_by_id); Datum pgsodium_crypto_secretbox_by_id(PG_FUNCTION_ARGS) { bytea *message = PG_GETARG_BYTEA_P(0); bytea *nonce = PG_GETARG_BYTEA_P(1); unsigned long long key_id = PG_GETARG_INT64(2); bytea *context = PG_GETARG_BYTEA_P(3); bytea *key = pgsodium_derive_helper(key_id, crypto_secretbox_KEYBYTES, context); size_t result_size = crypto_secretbox_MACBYTES + VARSIZE_ANY(message); bytea *result = _pgsodium_zalloc_bytea(result_size); crypto_secretbox_easy(PGSODIUM_UCHARDATA(result), PGSODIUM_UCHARDATA(message), VARSIZE_ANY_EXHDR(message), PGSODIUM_UCHARDATA(nonce), PGSODIUM_UCHARDATA(key)); PG_RETURN_BYTEA_P(result); } PG_FUNCTION_INFO_V1(pgsodium_crypto_secretbox_open); Datum pgsodium_crypto_secretbox_open(PG_FUNCTION_ARGS) { int success; bytea *message = PG_GETARG_BYTEA_P(0); bytea *nonce = PG_GETARG_BYTEA_P(1); bytea *key = PG_GETARG_BYTEA_P(2); size_t message_size; size_t result_size; bytea *result; ERRORIF(VARSIZE_ANY_EXHDR(message) <= crypto_secretbox_MACBYTES, "%s: invalid message"); ERRORIF(VARSIZE_ANY_EXHDR(nonce) != crypto_secretbox_NONCEBYTES, "%s: invalid nonce"); ERRORIF(VARSIZE_ANY_EXHDR(key) != crypto_secretbox_KEYBYTES, "%s: invalid key"); message_size = VARSIZE_ANY_EXHDR(message) - crypto_secretbox_MACBYTES; result_size = VARHDRSZ + message_size; result = _pgsodium_zalloc_bytea(result_size); success = crypto_secretbox_open_easy(PGSODIUM_UCHARDATA(result), PGSODIUM_UCHARDATA(message), VARSIZE_ANY_EXHDR(message), PGSODIUM_UCHARDATA(nonce), PGSODIUM_UCHARDATA(key)); ERRORIF(success != 0, "%s: invalid message"); PG_RETURN_BYTEA_P(result); } PG_FUNCTION_INFO_V1(pgsodium_crypto_secretbox_open_by_id); Datum pgsodium_crypto_secretbox_open_by_id(PG_FUNCTION_ARGS) { int success; bytea *message = PG_GETARG_BYTEA_P(0); bytea *nonce = PG_GETARG_BYTEA_P(1); unsigned long long key_id = PG_GETARG_INT64(2); bytea *context = PG_GETARG_BYTEA_P(3); bytea *key = pgsodium_derive_helper(key_id, crypto_secretbox_KEYBYTES, context); size_t message_size; size_t result_size; bytea *result; ERRORIF(VARSIZE_ANY_EXHDR(message) <= crypto_secretbox_MACBYTES, "%s: invalid message"); ERRORIF(VARSIZE_ANY_EXHDR(nonce) != crypto_secretbox_NONCEBYTES, "%s: invalid nonce"); message_size = VARSIZE_ANY_EXHDR(message) - crypto_secretbox_MACBYTES; result_size = VARHDRSZ + message_size; result = _pgsodium_zalloc_bytea(result_size); success = crypto_secretbox_open_easy(PGSODIUM_UCHARDATA(result), PGSODIUM_UCHARDATA(message), VARSIZE_ANY_EXHDR(message), PGSODIUM_UCHARDATA(nonce), PGSODIUM_UCHARDATA(key)); ERRORIF(success != 0, "%s: invalid message"); PG_RETURN_BYTEA_P(result); }