This is an automated email from the ASF dual-hosted git repository.
luzhijing pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/doris.git
The following commit(s) were added to refs/heads/master by this push:
new 475368c62d [typo](docs) Add some details about AES encryption. (#17243)
475368c62d is described below
commit 475368c62dae66695baed68b47401d02febcbfcd
Author: yagagagaga <[email protected]>
AuthorDate: Wed Mar 1 07:40:11 2023 +0800
[typo](docs) Add some details about AES encryption. (#17243)
* [typo](docs) Add some details about AES encryption.
* Update aes.md
* Update aes.md
* Update aes.md
* Update aes.md
---
.../sql-functions/encrypt-digest-functions/aes.md | 107 +++++++++++++++----
.../sql-functions/encrypt-digest-functions/aes.md | 118 ++++++++++++++++-----
2 files changed, 182 insertions(+), 43 deletions(-)
diff --git
a/docs/en/docs/sql-manual/sql-functions/encrypt-digest-functions/aes.md
b/docs/en/docs/sql-manual/sql-functions/encrypt-digest-functions/aes.md
index ab93459615..26e079bd7d 100644
--- a/docs/en/docs/sql-manual/sql-functions/encrypt-digest-functions/aes.md
+++ b/docs/en/docs/sql-manual/sql-functions/encrypt-digest-functions/aes.md
@@ -24,70 +24,141 @@ under the License.
## AES_ENCRYPT
+### Name
+
+AES_ENCRYPT
+
### description
-encryption of data using the official AES
+
+Encryption of data using the OpenSSL. This function is consistent with the
`AES_ENCRYPT` function in MySQL. Using AES_128_ECB algorithm by default, and
the padding mode is PKCS7.
+
#### Syntax
-`VARCHAR AES_ENCRYPT(str,key_str[,init_vector])`
+```
+AES_ENCRYPT(str,key_str[,init_vector])
+```
+
+#### Arguments
+
+- `str`: Content to be encrypted
+- `key_str`: Secret key
+- `init_vector`: Initialization Vector
+
+#### Return Type
+
+VARCHAR(*)
+
+#### Remarks
+
+The AES_ENCRYPT function is not used the user secret key directly, but will be
further processed. The specific steps are as follows:
+1. Determine the number of bytes of the SECRET KEY according to the encryption
algorithm used. For example, if you using AES_128_ECB, then the number of bytes
of SECRET KEY are `128 / 8 = 16`(if using AES_256_ECB, then SECRET KEY length
are `128 / 8 = 32`);
+2. Then XOR the `i` bit and the `16*k+i` bit of the SECRET KEY entered by the
user. If the length of the SECRET KEY less than 16 bytes, 0 will be padded;
+3. Finally, use the newly generated key for encryption;
### example
+```sql
+select to_base64(aes_encrypt('text','F3229A0B371ED2D9441B830D21A390C3'));
```
-MySQL > select
to_base64(AES_ENCRYPT('text','F3229A0B371ED2D9441B830D21A390C3'));
+
+The results are consistent with those executed in MySQL.
+
+```text
+--------------------------------+
| to_base64(aes_encrypt('text')) |
+--------------------------------+
| wr2JEDVXzL9+2XtRhgIloA== |
+--------------------------------+
-1 row in set (0.010 sec)
+1 row in set (0.01 sec)
+```
-MySQL> set block_encryption_mode="AES_256_CBC";
-Query OK, 0 rows affected (0.006 sec)
+If you want to change other encryption algorithms, you can:
-MySQL > select
to_base64(AES_ENCRYPT('text','F3229A0B371ED2D9441B830D21A390C3', '0123456789'));
+```sql
+set block_encryption_mode="AES_256_CBC";
+select to_base64(aes_encrypt('text','F3229A0B371ED2D9441B830D21A390C3',
'0123456789'));
+```
+
+Here is the result:
+
+```text
+-----------------------------------------------------+
| to_base64(aes_encrypt('text', '***', '0123456789')) |
+-----------------------------------------------------+
| tsmK1HzbpnEdR2//WhO+MA== |
+-----------------------------------------------------+
-1 row in set (0.011 sec)
+1 row in set (0.01 sec)
```
+For more information about `block_encryption_mode`, see also
[variables](../../../advanced/variables.md).
+
### keywords
AES_ENCRYPT
## AES_DECRYPT
-### description
-decryption of data using the official AES
+### Name
+
+AES_DECRYPT
+
+### Description
+
+Decryption of data using the OpenSSL. This function is consistent with the
`AES_DECRYPT` function in MySQL. Using AES_128_ECB algorithm by default, and
the padding mode is PKCS7.
+
#### Syntax
-`VARCHAR AES_DECRYPT(str,key_str[,init_vector])`
+```
+AES_DECRYPT(str,key_str[,init_vector])
+```
+
+#### Arguments
+
+- `str`: Content that encrypted
+- `key_str`: Secret key
+- `init_vector`: Initialization Vector
+
+#### Return Type
+
+VARCHAR(*)
### example
+```sql
+select
aes_decrypt(from_base64('wr2JEDVXzL9+2XtRhgIloA=='),'F3229A0B371ED2D9441B830D21A390C3');
```
-MySQL > select
AES_DECRYPT(FROM_BASE64('wr2JEDVXzL9+2XtRhgIloA=='),'F3229A0B371ED2D9441B830D21A390C3');
+
+The results are consistent with those executed in MySQL.
+
+```text
+------------------------------------------------------+
| aes_decrypt(from_base64('wr2JEDVXzL9+2XtRhgIloA==')) |
+------------------------------------------------------+
| text |
+------------------------------------------------------+
-1 row in set (0.012 sec)
+1 row in set (0.01 sec)
+```
-MySQL> set block_encryption_mode="AES_256_CBC";
-Query OK, 0 rows affected (0.006 sec)
+If you want to change other encryption algorithms, you can:
-MySQL > select
AES_DECRYPT(FROM_BASE64('tsmK1HzbpnEdR2//WhO+MA=='),'F3229A0B371ED2D9441B830D21A390C3',
'0123456789');
+```sql
+set block_encryption_mode="AES_256_CBC";
+select
aes_decrypt(from_base64('tsmK1HzbpnEdR2//WhO+MA=='),'F3229A0B371ED2D9441B830D21A390C3',
'0123456789');
+```
+
+Here is the result:
+
+```text
+---------------------------------------------------------------------------+
| aes_decrypt(from_base64('tsmK1HzbpnEdR2//WhO+MA=='), '***', '0123456789') |
+---------------------------------------------------------------------------+
| text |
+---------------------------------------------------------------------------+
-1 row in set (0.012 sec)
+1 row in set (0.01 sec)
```
+For more information about `block_encryption_mode`, see also
[variables](../../../advanced/variables.md).
+
### keywords
- AES_ENCRYPT, AES_DECRYPT
+ AES_DECRYPT
diff --git
a/docs/zh-CN/docs/sql-manual/sql-functions/encrypt-digest-functions/aes.md
b/docs/zh-CN/docs/sql-manual/sql-functions/encrypt-digest-functions/aes.md
index c657540108..c8643430a6 100644
--- a/docs/zh-CN/docs/sql-manual/sql-functions/encrypt-digest-functions/aes.md
+++ b/docs/zh-CN/docs/sql-manual/sql-functions/encrypt-digest-functions/aes.md
@@ -24,73 +24,141 @@ under the License.
## AES_ENCRYPT
-### description
-Aes 加密函数
+### Name
+
+AES_ENCRYPT
+
+### Description
+
+Aes 加密函数。该函数与 MySQL 中的 `AES_ENCRYPT` 函数行为一致。默认采用 AES_128_ECB 算法,padding 模式为
PKCS7。底层使用 OpenSSL 库进行加密。
+
#### Syntax
-`VARCHAR AES_ENCRYPT(str,key_str[,init_vector])`
+```
+AES_ENCRYPT(str,key_str[,init_vector])
+```
+
+#### Arguments
+
+- `str`: 待加密的内容
+- `key_str`: 密钥
+- `init_vector`: 初始向量
-返回加密后的结果
+#### Return Type
-### example
+VARCHAR(*)
+#### Remarks
+
+AES_ENCRYPT 函数对于传入的密钥,并不是直接使用,而是会进一步做处理,具体步骤如下:
+1. 根据使用的加密算法,确定密钥的字节数,比如使用 AES_128_ECB 算法,则密钥字节数为 `128 / 8 = 16`(如果使用
AES_256_ECB 算法,则密钥字节数为 `128 / 8 = 32`);
+2. 然后针对用户输入的密钥,第 `i` 位和第 `16*k+i` 位进行异或,如果用户输入的密钥不足 16 位,则后面补 0;
+3. 最后,再使用新生成的密钥进行加密;
+
+### Example
+
+```sql
+select to_base64(aes_encrypt('text','F3229A0B371ED2D9441B830D21A390C3'));
```
-MySQL > select
to_base64(AES_ENCRYPT('text','F3229A0B371ED2D9441B830D21A390C3'));
+
+结果与在 MySQL 中执行的结果一致,如下:
+
+```text
+--------------------------------+
| to_base64(aes_encrypt('text')) |
+--------------------------------+
| wr2JEDVXzL9+2XtRhgIloA== |
+--------------------------------+
-1 row in set (0.010 sec)
+1 row in set (0.01 sec)
+```
+
+如果你想更换其他加密算法,可以
+
+```sql
+set block_encryption_mode="AES_256_CBC";
+select to_base64(aes_encrypt('text','F3229A0B371ED2D9441B830D21A390C3',
'0123456789'));
+```
-MySQL> set block_encryption_mode="AES_256_CBC";
-Query OK, 0 rows affected (0.006 sec)
+结果如下:
-MySQL > select
to_base64(AES_ENCRYPT('text','F3229A0B371ED2D9441B830D21A390C3', '0123456789'));
+```text
+-----------------------------------------------------+
| to_base64(aes_encrypt('text', '***', '0123456789')) |
+-----------------------------------------------------+
| tsmK1HzbpnEdR2//WhO+MA== |
+-----------------------------------------------------+
-1 row in set (0.011 sec)
+1 row in set (0.01 sec)
```
-### keywords
+
+关于 `block_encryption_mode` 可选的值可以参见:[变量章节](../../../advanced/variables.md)。
+
+### Keywords
AES_ENCRYPT
## AES_DECRYPT
-### description
-Aes 解密函数
+### Name
+
+AES_DECRYPT
+
+### Description
+
+Aes 解密函数。该函数与 MySQL 中的 `AES_DECRYPT` 函数行为一致。默认采用 AES_128_ECB 算法,padding 模式为
PKCS7。底层使用 OpenSSL 库进行加密。
+
#### Syntax
-`VARCHAR AES_DECRYPT(str,key_str[,init_vector])`
+```
+AES_DECRYPT(str,key_str[,init_vector])
+```
+
+#### Arguments
-返回解密后的结果
+- `str`: 已加密的内容
+- `key_str`: 密钥
+- `init_vector`: 初始向量
-### example
+#### Return Type
+VARCHAR(*)
+
+### Example
+
+```sql
+select
aes_decrypt(from_base64('wr2JEDVXzL9+2XtRhgIloA=='),'F3229A0B371ED2D9441B830D21A390C3');
```
-MySQL > select
AES_DECRYPT(FROM_BASE64('wr2JEDVXzL9+2XtRhgIloA=='),'F3229A0B371ED2D9441B830D21A390C3');
+
+结果与在 MySQL 中执行的结果一致,如下:
+
+```text
+------------------------------------------------------+
| aes_decrypt(from_base64('wr2JEDVXzL9+2XtRhgIloA==')) |
+------------------------------------------------------+
| text |
+------------------------------------------------------+
-1 row in set (0.012 sec)
+1 row in set (0.01 sec)
+```
-MySQL> set block_encryption_mode="AES_256_CBC";
-Query OK, 0 rows affected (0.006 sec)
+如果你想更换其他加密算法,可以
-MySQL > select
AES_DECRYPT(FROM_BASE64('tsmK1HzbpnEdR2//WhO+MA=='),'F3229A0B371ED2D9441B830D21A390C3',
'0123456789');
+```sql
+set block_encryption_mode="AES_256_CBC";
+select
AES_DECRYPT(FROM_BASE64('tsmK1HzbpnEdR2//WhO+MA=='),'F3229A0B371ED2D9441B830D21A390C3',
'0123456789');
+```
+
+结果如下:
+
+```text
+---------------------------------------------------------------------------+
| aes_decrypt(from_base64('tsmK1HzbpnEdR2//WhO+MA=='), '***', '0123456789') |
+---------------------------------------------------------------------------+
| text |
+---------------------------------------------------------------------------+
-1 row in set (0.012 sec)
+1 row in set (0.01 sec)
```
-### keywords
+关于 `block_encryption_mode` 可选的值可以参见:[变量章节](../../../advanced/variables.md)。
+
+### Keywords
- AES_ENCRYPT, AES_DECRYPT
+ AES_DECRYPT
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
