> On 02/02/2023 13:54 CET Zahir Lalani <zahirlalani@oliver.agency> wrote:
>
> Confidential
>
> Hello All
>
> We are testing a upgrade from pg11 to pg14 and have some issues to overcome.
> One of these is that we have upgraded pgsodium to the latest and there is a
> functional change – this question is not about sodium BTW.
>
> So here is a sample bit of code that I will use to explain the issue – this
> would usually be params passed in, but I have hard coded one particular case
> that does not need the decryption. The code below would return decrypted data
> if the key is supplied (non 0) otherwise return null. This code used to work
> because the secret box call would allow null params. It no longer does. When
> the key is 0, the data passed in would be null.
>
> LEFT JOIN lateral (
> SELECT
> CASE
> WHEN (0 > 0) THEN
> convert_from(crypto_secretbox_open, 'utf8')::JSON
> ELSE
> NULL
> END AS edata
> FROM
> crypto_secretbox_open(coalesce(null, '')::bytea, coalesce(null, '')::bytea,0)
> where (0>0)
> ) enc ON true
>
> The issue is that, even when the key is 0, the select is still run (its part
> of a lateral join) and what we need to achieve is to effectively have a
> conditional where we only run the select if the key > 0 otherwise we return
> null – I have a brain freeze on this! I am sure there is an easy solution,
> but right now I can’t see it.
Looks similar to a post from a few days ago:
https://www.postgresql.org/message-id/flat/CAALojA-nHoxDr7B2k0e1-EtGMPsGPZiCVeS_ds0aHG0SEOrPxg%40mail.gmail.com
I don't know pgsodium but the query optimizer will evalute crypto_secretbox_open
if the function is immutable and is called with constant arguments.
How is the key and the data passed to this query? Is it a prepared statement or
is the query generated on the fly for specific key and data that is already
known? In the latter case you can handle the case expression with two different
queries (one with crypto_secret_box and one without) depending on whether a key
exists or not.
--
Erik
PS: Please don't hijack threads on this mailing list.