Skip to main content
Skip to main content

SM4_ENCRYPT

Description

Syntax

VARCHAR SM4_ENCRYPT(VARCHAR str, VARCHAR key_str[, VARCHAR init_vector][, VARCHAR encryption_mode])

Returns the encrypted result, where:

  • str is the text to be encrypted;
  • key_str is the key. Note that this key is not a hexadecimal encoding, but a string representation of the encoded key. For example, for 128-bit key encryption, key_str should be 16-length. If the key is not long enough, use zero padding to make it up. If it is longer than that, the final key is found using a cyclic xor method. For example, if the 128-bit key used by the algorithm finally is key, then key[i] = key_str[i] ^ key_str[i+128] ^ key_str[i+256] ^ ...
  • init_vector is the initial vector to be used in the algorithm, this is only valid for some algorithms, if not specified then Doris will use the built-in value;
  • encryption_mode is the encryption algorithm, optionally available in variable
danger

Until 3.0.2, function with two arguments will ignore session variable block_encryption_mode and always use SM4_128_ECB to do encryption. So it's not recommended to use it.

Since 3.0.3, it works as expected.

Example

mysql> set block_encryption_mode='';
Query OK, 0 rows affected (0.11 sec)

mysql> select TO_BASE64(SM4_ENCRYPT('text','F3229A0B371ED2D9441B830D21A390C3'));
+----------------------------------------------------------+
| to_base64(sm4_encrypt('text', '***', '', 'SM4_128_ECB')) |
+----------------------------------------------------------+
| aDjwRflBrDjhBZIOFNw3Tg== |
+----------------------------------------------------------+
1 row in set (0.15 sec)

mysql> set block_encryption_mode="SM4_128_CBC";
Query OK, 0 rows affected (0.10 sec)

mysql> select TO_BASE64(SM4_ENCRYPT('text','F3229A0B371ED2D9441B830D21A390C3')); --- since 3.0.3
+----------------------------------------------------------+
| to_base64(sm4_encrypt('text', '***', '', 'SM4_128_CBC')) |
+----------------------------------------------------------+
| FSYstvOmH2cXy7B/072Mug== |
+----------------------------------------------------------+
1 row in set (0.14 sec)

MySQL > select to_base64(SM4_ENCRYPT('text','F3229A0B371ED2D9441B830D21A390C3', '0123456789'));
+----------------------------------------------------------------------------------+
| to_base64(sm4_encrypt('text', 'F3229A0B371ED2D9441B830D21A390C3', '0123456789')) |
+----------------------------------------------------------------------------------+
| G7yqOKfEyxdagboz6Qf01A== |
+----------------------------------------------------------------------------------+
1 row in set (0.014 sec)

Keywords

SM4_ENCRYPT, SM4, ENCRYPT