This is an automated email from the ASF dual-hosted git repository.
kassiez pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/doris-website.git
The following commit(s) were added to refs/heads/master by this push:
new 5b0568db153 Fix lost extremely important warnings (#1993)
5b0568db153 is described below
commit 5b0568db1539dd9d5713fba5e04a0787cf038fbc
Author: zclllyybb <zhaochan...@selectdb.com>
AuthorDate: Wed Feb 12 11:07:35 2025 +0800
Fix lost extremely important warnings (#1993)
which removed in https://github.com/apache/doris-website/pull/1463
## Versions
- [x] dev
- [x] 3.0
- [x] 2.1
- [x] 2.0
## Languages
- [x] Chinese
- [x] English
## Docs Checklist
- [ ] Checked by AI
- [ ] Test Cases Built
---
.../sql-functions/encrypt-digest-functions/aes-decrypt.md | 4 ++++
.../sql-functions/encrypt-digest-functions/aes-encrypt.md | 4 ++++
.../sql-functions/encrypt-digest-functions/sm4-decrypt.md | 4 ++++
.../sql-functions/encrypt-digest-functions/sm4-encrypt.md | 4 ++++
.../encrypt-digest-functions/aes-decrypt.md | 6 ++++++
.../encrypt-digest-functions/aes-encrypt.md | 12 ++++++++++--
.../encrypt-digest-functions/sm4-decrypt.md | 14 +++++++++++---
.../encrypt-digest-functions/sm4-encrypt.md | 11 ++++++++++-
.../encrypt-digest-functions/aes-decrypt.md | 12 ++++++++++--
.../encrypt-digest-functions/aes-encrypt.md | 12 ++++++++++--
.../encrypt-digest-functions/sm4-decrypt.md | 15 +++++++++++----
.../encrypt-digest-functions/sm4-encrypt.md | 13 +++++++++++--
.../sql-functions/encrypt-digest-functions/aes-decrypt.md | 10 +++++++---
.../sql-functions/encrypt-digest-functions/aes-encrypt.md | 11 +++++++----
.../sql-functions/encrypt-digest-functions/sm4-decrypt.md | 9 ++++++---
.../sql-functions/encrypt-digest-functions/sm4-encrypt.md | 9 +++++++--
.../encrypt-digest-functions/aes-decrypt.md | 12 ++++++++++--
.../encrypt-digest-functions/aes-encrypt.md | 11 ++++++++++-
.../encrypt-digest-functions/sm4-decrypt.md | 14 +++++++++++---
.../encrypt-digest-functions/sm4-encrypt.md | 11 ++++++++++-
.../encrypt-digest-functions/aes-decrypt.md | 12 ++++++++++--
.../encrypt-digest-functions/aes-encrypt.md | 13 ++++++++++---
.../encrypt-digest-functions/sm4-decrypt.md | 14 +++++++++++---
.../encrypt-digest-functions/sm4-encrypt.md | 11 ++++++++++-
24 files changed, 204 insertions(+), 44 deletions(-)
diff --git
a/i18n/zh-CN/docusaurus-plugin-content-docs/version-2.0/sql-manual/sql-functions/encrypt-digest-functions/aes-decrypt.md
b/i18n/zh-CN/docusaurus-plugin-content-docs/version-2.0/sql-manual/sql-functions/encrypt-digest-functions/aes-decrypt.md
index 1d21d0aa28c..2ab5f254d68 100644
---
a/i18n/zh-CN/docusaurus-plugin-content-docs/version-2.0/sql-manual/sql-functions/encrypt-digest-functions/aes-decrypt.md
+++
b/i18n/zh-CN/docusaurus-plugin-content-docs/version-2.0/sql-manual/sql-functions/encrypt-digest-functions/aes-decrypt.md
@@ -39,6 +39,10 @@ VARCHAR AES_DECRYPT(VARCHAR str, VARCHAR key_str[, VARCHAR
init_vector][, VARCHA
- `init_vector` 为算法中使用到的初始向量,仅在特定算法下生效,如不指定,则 Doris 使用内置向量;
- `encryption_mode` 为加密算法,可选值见于变量。
+:::warning
+两参数版本,会无视 session variable `block_encryption_mode`,始终使用 `AES_128_ECB`
算法进行解密。因此不推荐调用。
+:::
+
### 示例
```sql
diff --git
a/i18n/zh-CN/docusaurus-plugin-content-docs/version-2.0/sql-manual/sql-functions/encrypt-digest-functions/aes-encrypt.md
b/i18n/zh-CN/docusaurus-plugin-content-docs/version-2.0/sql-manual/sql-functions/encrypt-digest-functions/aes-encrypt.md
index deea271f164..a9007a604a6 100644
---
a/i18n/zh-CN/docusaurus-plugin-content-docs/version-2.0/sql-manual/sql-functions/encrypt-digest-functions/aes-encrypt.md
+++
b/i18n/zh-CN/docusaurus-plugin-content-docs/version-2.0/sql-manual/sql-functions/encrypt-digest-functions/aes-encrypt.md
@@ -40,6 +40,10 @@ VARCHAR AES_ENCRYPT(VARCHAR str, VARCHAR key_str[, VARCHAR
init_vector][, VARCHA
- `init_vector` 为算法中使用到的初始向量,仅在特定算法下生效,如不指定,则 Doris 使用内置向量;
- `encryption_mode` 为加密算法,可选值见于变量。
+:::warning
+两参数版本,会无视 session variable `block_encryption_mode`,始终使用 `AES_128_ECB`
算法进行加密。因此不推荐调用。
+:::
+
### 注意事项
AES_ENCRYPT 函数对于传入的密钥,并不是直接使用,而是会进一步做处理,具体步骤如下:
diff --git
a/i18n/zh-CN/docusaurus-plugin-content-docs/version-2.0/sql-manual/sql-functions/encrypt-digest-functions/sm4-decrypt.md
b/i18n/zh-CN/docusaurus-plugin-content-docs/version-2.0/sql-manual/sql-functions/encrypt-digest-functions/sm4-decrypt.md
index f84c42e280e..99e3d62c877 100644
---
a/i18n/zh-CN/docusaurus-plugin-content-docs/version-2.0/sql-manual/sql-functions/encrypt-digest-functions/sm4-decrypt.md
+++
b/i18n/zh-CN/docusaurus-plugin-content-docs/version-2.0/sql-manual/sql-functions/encrypt-digest-functions/sm4-decrypt.md
@@ -41,6 +41,10 @@ VARCHAR SM4_DECRYPT(VARCHAR str, VARCHAR key_str[, VARCHAR
init_vector][, VARCHA
- `init_vector` 为算法中使用到的初始向量,仅在特定算法下生效,如不指定,则 Doris 使用内置向量;
- `encryption_mode` 为加密算法,可选值见于变量。
+:::warning
+两参数版本,会无视 session variable `block_encryption_mode`,始终使用 `SM4_128_ECB`
算法进行解密。这与 1.2 版本行为不同,升降级时必须注意。
+:::
+
### 示例
```sql
diff --git
a/i18n/zh-CN/docusaurus-plugin-content-docs/version-2.0/sql-manual/sql-functions/encrypt-digest-functions/sm4-encrypt.md
b/i18n/zh-CN/docusaurus-plugin-content-docs/version-2.0/sql-manual/sql-functions/encrypt-digest-functions/sm4-encrypt.md
index baee07eaa9a..6a20a007316 100644
---
a/i18n/zh-CN/docusaurus-plugin-content-docs/version-2.0/sql-manual/sql-functions/encrypt-digest-functions/sm4-encrypt.md
+++
b/i18n/zh-CN/docusaurus-plugin-content-docs/version-2.0/sql-manual/sql-functions/encrypt-digest-functions/sm4-encrypt.md
@@ -40,6 +40,10 @@ VARCHAR SM4_ENCRYPT(VARCHAR str, VARCHAR key_str[, VARCHAR
init_vector][, VARCHA
- `init_vector` 为算法中使用到的初始向量,仅在特定算法下生效,如不指定,则 Doris 使用内置向量;
- `encryption_mode` 为加密算法,可选值见于变量。
+:::warning
+两参数版本,会无视 session variable `block_encryption_mode`,始终使用 `SM4_128_ECB`
算法进行加密。这与 1.2 版本行为不同,升降级时必须注意。
+:::
+
### 示例
```sql
diff --git
a/i18n/zh-CN/docusaurus-plugin-content-docs/version-2.1/sql-manual/sql-functions/scalar-functions/encrypt-digest-functions/aes-decrypt.md
b/i18n/zh-CN/docusaurus-plugin-content-docs/version-2.1/sql-manual/sql-functions/scalar-functions/encrypt-digest-functions/aes-decrypt.md
index 6cceb2caa8d..edb99f0e8cf 100644
---
a/i18n/zh-CN/docusaurus-plugin-content-docs/version-2.1/sql-manual/sql-functions/scalar-functions/encrypt-digest-functions/aes-decrypt.md
+++
b/i18n/zh-CN/docusaurus-plugin-content-docs/version-2.1/sql-manual/sql-functions/scalar-functions/encrypt-digest-functions/aes-decrypt.md
@@ -26,6 +26,12 @@ under the License.
AES 解密函数。该函数与 MySQL 中的 `AES_DECRYPT` 函数行为一致。默认采用 `AES_128_ECB` 算法,padding 模式为
`PKCS7`。
+:::warning
+截止 2.1.6,两参数版本,会无视 session variable `block_encryption_mode`,始终使用 `AES_128_ECB`
算法进行解密。因此不推荐调用。
+
+2.1.7 起,该行为恢复正常。
+:::
+
## 语法
```sql
diff --git
a/i18n/zh-CN/docusaurus-plugin-content-docs/version-2.1/sql-manual/sql-functions/scalar-functions/encrypt-digest-functions/aes-encrypt.md
b/i18n/zh-CN/docusaurus-plugin-content-docs/version-2.1/sql-manual/sql-functions/scalar-functions/encrypt-digest-functions/aes-encrypt.md
index fb0bee245b1..309661957e6 100644
---
a/i18n/zh-CN/docusaurus-plugin-content-docs/version-2.1/sql-manual/sql-functions/scalar-functions/encrypt-digest-functions/aes-encrypt.md
+++
b/i18n/zh-CN/docusaurus-plugin-content-docs/version-2.1/sql-manual/sql-functions/scalar-functions/encrypt-digest-functions/aes-encrypt.md
@@ -27,10 +27,17 @@ under the License.
AES 加密函数。该函数与 MySQL 中的 `AES_ENCRYPT` 函数行为一致。默认采用 `AES_128_ECB` 算法,padding 模式为
`PKCS7`。
AES_ENCRYPT 函数对于传入的密钥,并不是直接使用,而是会进一步做处理,具体步骤如下:
+
1. 根据使用的加密算法,确定密钥的字节数,比如使用 AES_128_ECB 算法,则密钥字节数为 `128 / 8 = 16`(如果使用
AES_256_ECB 算法,则密钥字节数为 `128 / 8 = 32`);
2. 然后针对用户输入的密钥,第 `i` 位和第 `16*k+i` 位进行异或,如果用户输入的密钥不足 16 位,则后面补 0;
3. 最后,再使用新生成的密钥进行加密;
+:::warning
+截止 2.1.6,两参数版本,会无视 session variable `block_encryption_mode`,始终使用 `AES_128_ECB`
算法进行加密。因此不推荐调用。
+
+2.1.7 起,该行为恢复正常。
+:::
+
## 语法
```sql
@@ -46,15 +53,14 @@ AES_ENCRYPT( <str>, <key_str>[, <init_vector>][,
<encryption_mode>])
| `<init_vector>` | 为算法中使用到的初始向量,仅在特定算法下生效,如不指定,则 Doris 使用内置向量 |
| `<encryption_mode>` | 为加密算法,可选值见于变量 |
-
## 返回值
返回二进制的加密后的数据
-
## 示例
使用AES_128_ECB算法
+
```sql
set block_encryption_mode='';
select to_base64(aes_encrypt('text','F3229A0B371ED2D9441B830D21A390C3'));
@@ -69,6 +75,7 @@ select
to_base64(aes_encrypt('text','F3229A0B371ED2D9441B830D21A390C3'));
```
使用AES_256_CBC算法
+
```sql
set block_encryption_mode="AES_256_CBC";
select to_base64(aes_encrypt('text','F3229A0B371ED2D9441B830D21A390C3'));
@@ -83,6 +90,7 @@ select
to_base64(aes_encrypt('text','F3229A0B371ED2D9441B830D21A390C3'));
```
使用AES_256_CBC算法并设置初始向量
+
```sql
select to_base64(aes_encrypt('text','F3229A0B371ED2D9441B830D21A390C3',
'0123456789'));
```
diff --git
a/i18n/zh-CN/docusaurus-plugin-content-docs/version-2.1/sql-manual/sql-functions/scalar-functions/encrypt-digest-functions/sm4-decrypt.md
b/i18n/zh-CN/docusaurus-plugin-content-docs/version-2.1/sql-manual/sql-functions/scalar-functions/encrypt-digest-functions/sm4-decrypt.md
index c97d56d1cab..7237a4436a8 100644
---
a/i18n/zh-CN/docusaurus-plugin-content-docs/version-2.1/sql-manual/sql-functions/scalar-functions/encrypt-digest-functions/sm4-decrypt.md
+++
b/i18n/zh-CN/docusaurus-plugin-content-docs/version-2.1/sql-manual/sql-functions/scalar-functions/encrypt-digest-functions/sm4-decrypt.md
@@ -26,13 +26,18 @@ under the License.
SM4是一种国家标准的对称密钥加密算法,广泛应用于金融、通信、电子商务等领域。SM4_DECRYPT函数用于对数据进行SM4解密。默认采用
`SM4_128_ECB` 算法。
+:::warning
+截止 2.1.6,两参数版本,会无视 session variable `block_encryption_mode`,始终使用 `SM4_128_ECB`
算法进行解密。因此不推荐调用。
+
+2.1.7 起,该行为恢复正常。
+:::
+
## 语法
```sql
SM4_DECRYPT( <str>, <key_str>[, <init_vector>][, <encryption_mode>])
```
-
## 参数
| 参数 | 说明 |
@@ -42,7 +47,6 @@ SM4_DECRYPT( <str>, <key_str>[, <init_vector>][,
<encryption_mode>])
| `<init_vector>` | 为算法中使用到的初始向量,仅在特定算法下生效,如不指定,则 Doris 使用内置向量 |
| `<encryption_mode>` | 为加密算法,可选值见于变量 |
-
## 返回值
如果解密成功: 返回解密后的数据,通常是明文的二进制表示。
@@ -54,6 +58,7 @@ SM4_DECRYPT( <str>, <key_str>[, <init_vector>][,
<encryption_mode>])
### 解密成功
使用默认算法
+
```sql
set block_encryption_mode='';
select
SM4_DECRYPT(FROM_BASE64('aDjwRflBrDjhBZIOFNw3Tg=='),'F3229A0B371ED2D9441B830D21A390C3');
@@ -68,6 +73,7 @@ select
SM4_DECRYPT(FROM_BASE64('aDjwRflBrDjhBZIOFNw3Tg=='),'F3229A0B371ED2D9441B
```
使用SM4_128_CBC算法
+
```sql
set block_encryption_mode="SM4_128_CBC";
select
SM4_DECRYPT(FROM_BASE64('FSYstvOmH2cXy7B/072Mug=='),'F3229A0B371ED2D9441B830D21A390C3');
@@ -82,6 +88,7 @@ select
SM4_DECRYPT(FROM_BASE64('FSYstvOmH2cXy7B/072Mug=='),'F3229A0B371ED2D9441B
```
使用SM4_128_CBC算法并初始向量
+
```sql
select
SM4_DECRYPT(FROM_BASE64('1Y4NGIukSbv9OrkZnRD1bQ=='),'F3229A0B371ED2D9441B830D21A390C3',
'0123456789');
```
@@ -95,6 +102,7 @@ select
SM4_DECRYPT(FROM_BASE64('1Y4NGIukSbv9OrkZnRD1bQ=='),'F3229A0B371ED2D9441B
```
### 解密失败
+
```sql
set block_encryption_mode='';
select
SM4_DECRYPT(FROM_BASE64('aDjwRflBrDjhBZIdOFNw3Tg=='),'F3229A0B371ED2D9441B830D21A390C3');
@@ -106,4 +114,4 @@ select
SM4_DECRYPT(FROM_BASE64('aDjwRflBrDjhBZIdOFNw3Tg=='),'F3229A0B371ED2D9441
+---------------------------------------------------------------------------------+
| NULL
|
+---------------------------------------------------------------------------------+
-```
\ No newline at end of file
+```
diff --git
a/i18n/zh-CN/docusaurus-plugin-content-docs/version-2.1/sql-manual/sql-functions/scalar-functions/encrypt-digest-functions/sm4-encrypt.md
b/i18n/zh-CN/docusaurus-plugin-content-docs/version-2.1/sql-manual/sql-functions/scalar-functions/encrypt-digest-functions/sm4-encrypt.md
index 1efc90da455..7cc6672b494 100644
---
a/i18n/zh-CN/docusaurus-plugin-content-docs/version-2.1/sql-manual/sql-functions/scalar-functions/encrypt-digest-functions/sm4-encrypt.md
+++
b/i18n/zh-CN/docusaurus-plugin-content-docs/version-2.1/sql-manual/sql-functions/scalar-functions/encrypt-digest-functions/sm4-encrypt.md
@@ -26,6 +26,12 @@ under the License.
SM4是一种国家标准的对称密钥加密算法,广泛应用于金融、通信、电子商务等领域。SM4_ENCRYPT函数用于对数据进行SM4加密。默认采用
`SM4_128_ECB` 算法。
+:::warning
+截止 2.1.6,两参数版本,会无视 session variable `block_encryption_mode`,始终使用 `SM4_128_ECB`
算法进行加密。因此不推荐调用。
+
+2.1.7 起,该行为恢复正常。
+:::
+
## 语法
```sql
@@ -41,7 +47,6 @@ SM4_ENCRYPT( <str>, <key_str>[, <init_vector>][,
<encryption_mode>])
| `<init_vector>` | 为算法中使用到的初始向量,仅在特定算法下生效,如不指定,则 Doris 使用内置向量 |
| `<encryption_mode>` | 为加密算法,可选值见于变量 |
-
## 返回值
返回二进制的加密后的数据
@@ -49,6 +54,7 @@ SM4_ENCRYPT( <str>, <key_str>[, <init_vector>][,
<encryption_mode>])
## 示例
使用默认算法
+
```sql
set block_encryption_mode='';
select TO_BASE64(SM4_ENCRYPT('text','F3229A0B371ED2D9441B830D21A390C3'));
@@ -63,6 +69,7 @@ select
TO_BASE64(SM4_ENCRYPT('text','F3229A0B371ED2D9441B830D21A390C3'));
```
使用SM4_128_CBC算法
+
```sql
set block_encryption_mode="SM4_128_CBC";
select TO_BASE64(SM4_ENCRYPT('text','F3229A0B371ED2D9441B830D21A390C3'));
@@ -77,10 +84,12 @@ select
TO_BASE64(SM4_ENCRYPT('text','F3229A0B371ED2D9441B830D21A390C3'));
```
使用SM4_128_CBC算法并设置初始向量
+
```sql
set block_encryption_mode="SM4_128_CBC";
select to_base64(SM4_ENCRYPT('text','F3229A0B371ED2D9441B830D21A390C3',
'0123456789'));
```
+
```text
+--------------------------------------------------------------------+
| to_base64(sm4_encrypt('text', '***', '0123456789', 'SM4_128_CBC')) |
diff --git
a/i18n/zh-CN/docusaurus-plugin-content-docs/version-3.0/sql-manual/sql-functions/scalar-functions/encrypt-digest-functions/aes-decrypt.md
b/i18n/zh-CN/docusaurus-plugin-content-docs/version-3.0/sql-manual/sql-functions/scalar-functions/encrypt-digest-functions/aes-decrypt.md
index 6cceb2caa8d..75f1f3de743 100644
---
a/i18n/zh-CN/docusaurus-plugin-content-docs/version-3.0/sql-manual/sql-functions/scalar-functions/encrypt-digest-functions/aes-decrypt.md
+++
b/i18n/zh-CN/docusaurus-plugin-content-docs/version-3.0/sql-manual/sql-functions/scalar-functions/encrypt-digest-functions/aes-decrypt.md
@@ -26,6 +26,12 @@ under the License.
AES 解密函数。该函数与 MySQL 中的 `AES_DECRYPT` 函数行为一致。默认采用 `AES_128_ECB` 算法,padding 模式为
`PKCS7`。
+:::warning
+截止 3.0.2,两参数版本,会无视 session variable `block_encryption_mode`,始终使用 `AES_128_ECB`
算法进行解密。因此不推荐调用。
+
+3.0.3 起,该行为恢复正常。
+:::
+
## 语法
```sql
@@ -47,12 +53,12 @@ AES_DECRYPT( <str>, <key_str>[, <init_vector>][,
<encryption_mode>])
如果解密失败: 返回 NULL。
-
## 示例
### 解密成功
使用默认算法
+
```sql
set block_encryption_mode='';
select
aes_decrypt(from_base64('wr2JEDVXzL9+2XtRhgIloA=='),'F3229A0B371ED2D9441B830D21A390C3');
@@ -67,6 +73,7 @@ select
aes_decrypt(from_base64('wr2JEDVXzL9+2XtRhgIloA=='),'F3229A0B371ED2D9441B
```
使用AES_256_CBC算法
+
```sql
set block_encryption_mode="AES_256_CBC";
select
aes_decrypt(from_base64('3dym0E7/+1zbrLIaBVNHSw=='),'F3229A0B371ED2D9441B830D21A390C3');
@@ -81,6 +88,7 @@ select
aes_decrypt(from_base64('3dym0E7/+1zbrLIaBVNHSw=='),'F3229A0B371ED2D9441B
```
使用AES_256_CBC算法并设置初始向量
+
```sql
select
AES_DECRYPT(FROM_BASE64('tsmK1HzbpnEdR2//WhO+MA=='),'F3229A0B371ED2D9441B830D21A390C3',
'0123456789');
```
@@ -105,4 +113,4 @@ select
AES_DECRYPT(FROM_BASE64('tsmK1H3zbpnEdR2//WhO+MA=='),'F3229A0B371ED2D9441
+-------------------------------------------------------------------------------------------+
| NULL
|
+-------------------------------------------------------------------------------------------+
-```
\ No newline at end of file
+```
diff --git
a/i18n/zh-CN/docusaurus-plugin-content-docs/version-3.0/sql-manual/sql-functions/scalar-functions/encrypt-digest-functions/aes-encrypt.md
b/i18n/zh-CN/docusaurus-plugin-content-docs/version-3.0/sql-manual/sql-functions/scalar-functions/encrypt-digest-functions/aes-encrypt.md
index fb0bee245b1..39ed5245144 100644
---
a/i18n/zh-CN/docusaurus-plugin-content-docs/version-3.0/sql-manual/sql-functions/scalar-functions/encrypt-digest-functions/aes-encrypt.md
+++
b/i18n/zh-CN/docusaurus-plugin-content-docs/version-3.0/sql-manual/sql-functions/scalar-functions/encrypt-digest-functions/aes-encrypt.md
@@ -27,10 +27,17 @@ under the License.
AES 加密函数。该函数与 MySQL 中的 `AES_ENCRYPT` 函数行为一致。默认采用 `AES_128_ECB` 算法,padding 模式为
`PKCS7`。
AES_ENCRYPT 函数对于传入的密钥,并不是直接使用,而是会进一步做处理,具体步骤如下:
+
1. 根据使用的加密算法,确定密钥的字节数,比如使用 AES_128_ECB 算法,则密钥字节数为 `128 / 8 = 16`(如果使用
AES_256_ECB 算法,则密钥字节数为 `128 / 8 = 32`);
2. 然后针对用户输入的密钥,第 `i` 位和第 `16*k+i` 位进行异或,如果用户输入的密钥不足 16 位,则后面补 0;
3. 最后,再使用新生成的密钥进行加密;
+:::warning
+截止 3.0.2,两参数版本,会无视 session variable `block_encryption_mode`,始终使用 `AES_128_ECB`
算法进行加密。因此不推荐调用。
+
+3.0.3 起,该行为恢复正常。
+:::
+
## 语法
```sql
@@ -46,15 +53,14 @@ AES_ENCRYPT( <str>, <key_str>[, <init_vector>][,
<encryption_mode>])
| `<init_vector>` | 为算法中使用到的初始向量,仅在特定算法下生效,如不指定,则 Doris 使用内置向量 |
| `<encryption_mode>` | 为加密算法,可选值见于变量 |
-
## 返回值
返回二进制的加密后的数据
-
## 示例
使用AES_128_ECB算法
+
```sql
set block_encryption_mode='';
select to_base64(aes_encrypt('text','F3229A0B371ED2D9441B830D21A390C3'));
@@ -69,6 +75,7 @@ select
to_base64(aes_encrypt('text','F3229A0B371ED2D9441B830D21A390C3'));
```
使用AES_256_CBC算法
+
```sql
set block_encryption_mode="AES_256_CBC";
select to_base64(aes_encrypt('text','F3229A0B371ED2D9441B830D21A390C3'));
@@ -83,6 +90,7 @@ select
to_base64(aes_encrypt('text','F3229A0B371ED2D9441B830D21A390C3'));
```
使用AES_256_CBC算法并设置初始向量
+
```sql
select to_base64(aes_encrypt('text','F3229A0B371ED2D9441B830D21A390C3',
'0123456789'));
```
diff --git
a/i18n/zh-CN/docusaurus-plugin-content-docs/version-3.0/sql-manual/sql-functions/scalar-functions/encrypt-digest-functions/sm4-decrypt.md
b/i18n/zh-CN/docusaurus-plugin-content-docs/version-3.0/sql-manual/sql-functions/scalar-functions/encrypt-digest-functions/sm4-decrypt.md
index 67861a71930..17c66b6a4f3 100644
---
a/i18n/zh-CN/docusaurus-plugin-content-docs/version-3.0/sql-manual/sql-functions/scalar-functions/encrypt-digest-functions/sm4-decrypt.md
+++
b/i18n/zh-CN/docusaurus-plugin-content-docs/version-3.0/sql-manual/sql-functions/scalar-functions/encrypt-digest-functions/sm4-decrypt.md
@@ -22,18 +22,22 @@ specific language governing permissions and limitations
under the License.
-->
-
## 描述
SM4是一种国家标准的对称密钥加密算法,广泛应用于金融、通信、电子商务等领域。SM4_DECRYPT函数用于对数据进行SM4解密。默认采用
`SM4_128_ECB` 算法。
+:::warning
+截止 3.0.2,两参数版本,会无视 session variable `block_encryption_mode`,始终使用 `SM4_128_ECB`
算法进行解密。因此不推荐调用。
+
+3.0.3 起,该行为恢复正常。
+:::
+
## 语法
```sql
SM4_DECRYPT( <str>, <key_str>[, <init_vector>][, <encryption_mode>])
```
-
## 参数
| 参数 | 说明 |
@@ -43,7 +47,6 @@ SM4_DECRYPT( <str>, <key_str>[, <init_vector>][,
<encryption_mode>])
| `<init_vector>` | 为算法中使用到的初始向量,仅在特定算法下生效,如不指定,则 Doris 使用内置向量 |
| `<encryption_mode>` | 为加密算法,可选值见于变量 |
-
## 返回值
如果解密成功: 返回解密后的数据,通常是明文的二进制表示。
@@ -55,6 +58,7 @@ SM4_DECRYPT( <str>, <key_str>[, <init_vector>][,
<encryption_mode>])
### 解密成功
使用默认算法
+
```sql
set block_encryption_mode='';
select
SM4_DECRYPT(FROM_BASE64('aDjwRflBrDjhBZIOFNw3Tg=='),'F3229A0B371ED2D9441B830D21A390C3');
@@ -69,6 +73,7 @@ select
SM4_DECRYPT(FROM_BASE64('aDjwRflBrDjhBZIOFNw3Tg=='),'F3229A0B371ED2D9441B
```
使用SM4_128_CBC算法
+
```sql
set block_encryption_mode="SM4_128_CBC";
select
SM4_DECRYPT(FROM_BASE64('FSYstvOmH2cXy7B/072Mug=='),'F3229A0B371ED2D9441B830D21A390C3');
@@ -83,6 +88,7 @@ select
SM4_DECRYPT(FROM_BASE64('FSYstvOmH2cXy7B/072Mug=='),'F3229A0B371ED2D9441B
```
使用SM4_128_CBC算法并初始向量
+
```sql
select
SM4_DECRYPT(FROM_BASE64('1Y4NGIukSbv9OrkZnRD1bQ=='),'F3229A0B371ED2D9441B830D21A390C3',
'0123456789');
```
@@ -96,6 +102,7 @@ select
SM4_DECRYPT(FROM_BASE64('1Y4NGIukSbv9OrkZnRD1bQ=='),'F3229A0B371ED2D9441B
```
### 解密失败
+
```sql
set block_encryption_mode='';
select
SM4_DECRYPT(FROM_BASE64('aDjwRflBrDjhBZIdOFNw3Tg=='),'F3229A0B371ED2D9441B830D21A390C3');
@@ -107,4 +114,4 @@ select
SM4_DECRYPT(FROM_BASE64('aDjwRflBrDjhBZIdOFNw3Tg=='),'F3229A0B371ED2D9441
+---------------------------------------------------------------------------------+
| NULL
|
+---------------------------------------------------------------------------------+
-```
\ No newline at end of file
+```
diff --git
a/i18n/zh-CN/docusaurus-plugin-content-docs/version-3.0/sql-manual/sql-functions/scalar-functions/encrypt-digest-functions/sm4-encrypt.md
b/i18n/zh-CN/docusaurus-plugin-content-docs/version-3.0/sql-manual/sql-functions/scalar-functions/encrypt-digest-functions/sm4-encrypt.md
index 70f4faedf3f..52fe02a23fb 100644
---
a/i18n/zh-CN/docusaurus-plugin-content-docs/version-3.0/sql-manual/sql-functions/scalar-functions/encrypt-digest-functions/sm4-encrypt.md
+++
b/i18n/zh-CN/docusaurus-plugin-content-docs/version-3.0/sql-manual/sql-functions/scalar-functions/encrypt-digest-functions/sm4-encrypt.md
@@ -26,6 +26,12 @@ under the License.
SM4是一种国家标准的对称密钥加密算法,广泛应用于金融、通信、电子商务等领域。SM4_ENCRYPT函数用于对数据进行SM4加密。默认采用
`SM4_128_ECB` 算法。
+:::warning
+截止 3.0.2,两参数版本,会无视 session variable `block_encryption_mode`,始终使用 `SM4_128_ECB`
算法进行加密。因此不推荐调用。
+
+3.0.3 起,该行为恢复正常。
+:::
+
## 语法
```sql
@@ -41,7 +47,6 @@ SM4_ENCRYPT( <str>, <key_str>[, <init_vector>][,
<encryption_mode>])
| `<init_vector>` | 为算法中使用到的初始向量,仅在特定算法下生效,如不指定,则 Doris 使用内置向量 |
| `<encryption_mode>` | 为加密算法,可选值见于变量 |
-
## 返回值
返回二进制的加密后的数据
@@ -49,6 +54,7 @@ SM4_ENCRYPT( <str>, <key_str>[, <init_vector>][,
<encryption_mode>])
## 示例
使用默认算法
+
```sql
set block_encryption_mode='';
select TO_BASE64(SM4_ENCRYPT('text','F3229A0B371ED2D9441B830D21A390C3'));
@@ -63,6 +69,7 @@ select
TO_BASE64(SM4_ENCRYPT('text','F3229A0B371ED2D9441B830D21A390C3'));
```
使用SM4_128_CBC算法
+
```sql
set block_encryption_mode="SM4_128_CBC";
select TO_BASE64(SM4_ENCRYPT('text','F3229A0B371ED2D9441B830D21A390C3'));
@@ -77,14 +84,16 @@ select
TO_BASE64(SM4_ENCRYPT('text','F3229A0B371ED2D9441B830D21A390C3'));
```
使用SM4_128_CBC算法并设置初始向量
+
```sql
set block_encryption_mode="SM4_128_CBC";
select to_base64(SM4_ENCRYPT('text','F3229A0B371ED2D9441B830D21A390C3',
'0123456789'));
```
+
```text
+--------------------------------------------------------------------+
| to_base64(sm4_encrypt('text', '***', '0123456789', 'SM4_128_CBC')) |
+--------------------------------------------------------------------+
| 1Y4NGIukSbv9OrkZnRD1bQ== |
+--------------------------------------------------------------------+
-```
\ No newline at end of file
+```
diff --git
a/versioned_docs/version-2.0/sql-manual/sql-functions/encrypt-digest-functions/aes-decrypt.md
b/versioned_docs/version-2.0/sql-manual/sql-functions/encrypt-digest-functions/aes-decrypt.md
index d0dbea8286b..3b47dd27666 100644
---
a/versioned_docs/version-2.0/sql-manual/sql-functions/encrypt-digest-functions/aes-decrypt.md
+++
b/versioned_docs/version-2.0/sql-manual/sql-functions/encrypt-digest-functions/aes-decrypt.md
@@ -39,6 +39,10 @@ VARCHAR AES_DECRYPT(VARCHAR str, VARCHAR key_str [, VARCHAR
init_vector [, VARCH
- `init_vector` is the initial vector to be used in the algorithm, this is
only valid for some algorithms, if not specified then Doris will use the
built-in value;
- `encryption_mode` is the encryption algorithm, optionally available in
variable.
+:::warning
+Function with two arguments will ignore session variable
`block_encryption_mode` and always use `AES_128_ECB` to do decryption. So it's
not recommended to use it.
+:::
+
### Example
```sql
@@ -46,7 +50,7 @@ set block_encryption_mode='';
select
aes_decrypt(from_base64('wr2JEDVXzL9+2XtRhgIloA=='),'F3229A0B371ED2D9441B830D21A390C3');
```
-```
+```text
+--------------------------------------------------------------------------------+
| aes_decrypt(from_base64('wr2JEDVXzL9+2XtRhgIloA=='), '***', '',
'AES_128_ECB') |
+--------------------------------------------------------------------------------+
@@ -59,7 +63,7 @@ set block_encryption_mode="AES_256_CBC";
select
aes_decrypt(from_base64('3dym0E7/+1zbrLIaBVNHSw=='),'F3229A0B371ED2D9441B830D21A390C3');
```
-```
+```text
+--------------------------------------------------------------------------------+
| aes_decrypt(from_base64('3dym0E7/+1zbrLIaBVNHSw=='), '***', '',
'AES_256_CBC') |
+--------------------------------------------------------------------------------+
@@ -71,7 +75,7 @@ select
aes_decrypt(from_base64('3dym0E7/+1zbrLIaBVNHSw=='),'F3229A0B371ED2D9441B
select
AES_DECRYPT(FROM_BASE64('tsmK1HzbpnEdR2//WhO+MA=='),'F3229A0B371ED2D9441B830D21A390C3',
'0123456789');
```
-```
+```text
+------------------------------------------------------------------------------------------+
| aes_decrypt(from_base64('tsmK1HzbpnEdR2//WhO+MA=='), '***', '0123456789',
'AES_256_CBC') |
+------------------------------------------------------------------------------------------+
diff --git
a/versioned_docs/version-2.0/sql-manual/sql-functions/encrypt-digest-functions/aes-encrypt.md
b/versioned_docs/version-2.0/sql-manual/sql-functions/encrypt-digest-functions/aes-encrypt.md
index e2414b66366..adaf33d120f 100644
---
a/versioned_docs/version-2.0/sql-manual/sql-functions/encrypt-digest-functions/aes-encrypt.md
+++
b/versioned_docs/version-2.0/sql-manual/sql-functions/encrypt-digest-functions/aes-encrypt.md
@@ -22,7 +22,6 @@ specific language governing permissions and limitations
under the License.
-->
-
### Description
AES encryption function. This function behaves like the `AES_ENCRYPT` function
in MySQL. By default, it uses the `AES_128_ECB` algorithm with `PKCS7` padding
mode.
@@ -40,6 +39,10 @@ VARCHAR AES_ENCRYPT(VARCHAR str, VARCHAR key_str [, VARCHAR
init_vector [, VARCH
- `init_vector` is the initial vector to be used in the algorithm, this is
only valid for some algorithms, if not specified then Doris will use the
built-in value;
- `encryption_mode` is the encryption algorithm, optionally available in
variable.
+:::warning
+Function with two arguments will ignore session variable
`block_encryption_mode` and always use `AES_128_ECB` to do encryption. So it's
not recommended to use it.
+:::
+
### Notice
For the incoming key, the AES_ENCRYPT function not directly uses, but will
further process it. The specific steps are as follows:
@@ -55,7 +58,7 @@ set block_encryption_mode='';
select to_base64(aes_encrypt('text','F3229A0B371ED2D9441B830D21A390C3'));
```
-```
+```text
+----------------------------------------------------------+
| to_base64(aes_encrypt('text', '***', '', 'AES_128_ECB')) |
+----------------------------------------------------------+
@@ -68,7 +71,7 @@ set block_encryption_mode="AES_256_CBC";
select to_base64(aes_encrypt('text','F3229A0B371ED2D9441B830D21A390C3'));
```
-```
+```text
+----------------------------------------------------------+
| to_base64(aes_encrypt('text', '***', '', 'AES_256_CBC')) |
+----------------------------------------------------------+
@@ -80,7 +83,7 @@ select
to_base64(aes_encrypt('text','F3229A0B371ED2D9441B830D21A390C3'));
select to_base64(aes_encrypt('text','F3229A0B371ED2D9441B830D21A390C3',
'0123456789'));
```
-```
+```text
+--------------------------------------------------------------------+
| to_base64(aes_encrypt('text', '***', '0123456789', 'AES_256_CBC')) |
+--------------------------------------------------------------------+
diff --git
a/versioned_docs/version-2.0/sql-manual/sql-functions/encrypt-digest-functions/sm4-decrypt.md
b/versioned_docs/version-2.0/sql-manual/sql-functions/encrypt-digest-functions/sm4-decrypt.md
index 6f13ee365f9..fa0abcb7fb2 100644
---
a/versioned_docs/version-2.0/sql-manual/sql-functions/encrypt-digest-functions/sm4-decrypt.md
+++
b/versioned_docs/version-2.0/sql-manual/sql-functions/encrypt-digest-functions/sm4-decrypt.md
@@ -22,7 +22,6 @@ specific language governing permissions and limitations
under the License.
-->
-
### Description
SM4 is a China's national standard symmetric key encryption algorithm, widely
used in finance, communications, e-commerce, and other fields. The SM4_DECRYPT
function is used to decrypt data using the SM4 algorithm. By default, it uses
the `SM4_128_ECB` algorithm.
@@ -40,6 +39,10 @@ VARCHAR SM4_DECRYPT(VARCHAR str, VARCHAR key_str [, VARCHAR
init_vector [, VARCH
- `init_vector` is the initial vector to be used in the algorithm, this is
only valid for some algorithms, if not specified then Doris will use the
built-in value;
- `encryption_mode` is the encryption algorithm, optionally available in
variable.
+:::warning
+Function with two arguments will ignore session variable
`block_encryption_mode` and always use `SM4_128_ECB` to do decryption. This is
different from the 1.2 version behavior and must be taken into account when
upgrading or downgrading.
+:::
+
### Example
```sql
@@ -47,7 +50,7 @@ set block_encryption_mode='';
select
SM4_DECRYPT(FROM_BASE64('aDjwRflBrDjhBZIOFNw3Tg=='),'F3229A0B371ED2D9441B830D21A390C3');
```
-```
+```text
+--------------------------------------------------------------------------------+
| sm4_decrypt(from_base64('aDjwRflBrDjhBZIOFNw3Tg=='), '***', '',
'SM4_128_ECB') |
+--------------------------------------------------------------------------------+
@@ -59,7 +62,7 @@ select
SM4_DECRYPT(FROM_BASE64('aDjwRflBrDjhBZIOFNw3Tg=='),'F3229A0B371ED2D9441B
select
SM4_DECRYPT(FROM_BASE64('G7yqOKfEyxdagboz6Qf01A=='),'F3229A0B371ED2D9441B830D21A390C3',
'0123456789');
```
-```
+```text
+--------------------------------------------------------------------------------------------------------+
| sm4_decrypt(from_base64('G7yqOKfEyxdagboz6Qf01A=='),
'F3229A0B371ED2D9441B830D21A390C3', '0123456789') |
+--------------------------------------------------------------------------------------------------------+
diff --git
a/versioned_docs/version-2.0/sql-manual/sql-functions/encrypt-digest-functions/sm4-encrypt.md
b/versioned_docs/version-2.0/sql-manual/sql-functions/encrypt-digest-functions/sm4-encrypt.md
index 398d0461a4b..3a76a3e797b 100644
---
a/versioned_docs/version-2.0/sql-manual/sql-functions/encrypt-digest-functions/sm4-encrypt.md
+++
b/versioned_docs/version-2.0/sql-manual/sql-functions/encrypt-digest-functions/sm4-encrypt.md
@@ -22,7 +22,6 @@ specific language governing permissions and limitations
under the License.
-->
-
### Description
SM4 is a China's national standard symmetric key encryption algorithm, widely
used in finance, communications, e-commerce, and other fields. The SM4_ENCRYPT
function is used to encrypt data using the SM4 algorithm. By default, it uses
the `SM4_128_ECB` algorithm.
@@ -40,6 +39,10 @@ VARCHAR SM4_ENCRYPT(VARCHAR str, VARCHAR key_str[, VARCHAR
init_vector][, VARCHA
- `init_vector` is the initial vector to be used in the algorithm, this is
only valid for some algorithms, if not specified then Doris will use the
built-in value;
- `encryption_mode` is the encryption algorithm, optionally available in
variable.
+:::warning
+Function with two arguments will ignore session variable
`block_encryption_mode` and always use `SM4_128_ECB` to do encryption. This is
different from the 1.2 version behavior and must be taken into account when
upgrading or downgrading.
+:::
+
### Example
```sql
@@ -47,7 +50,7 @@ set block_encryption_mode='';
select TO_BASE64(SM4_ENCRYPT('text','F3229A0B371ED2D9441B830D21A390C3'));
```
-```
+```text
+----------------------------------------------------------+
| to_base64(sm4_encrypt('text', '***', '', 'SM4_128_ECB')) |
+----------------------------------------------------------+
@@ -58,6 +61,8 @@ select
TO_BASE64(SM4_ENCRYPT('text','F3229A0B371ED2D9441B830D21A390C3'));
```sql
select to_base64(SM4_ENCRYPT('text','F3229A0B371ED2D9441B830D21A390C3',
'0123456789'));
```
+
+```text
+----------------------------------------------------------------------------------+
| to_base64(sm4_encrypt('text', 'F3229A0B371ED2D9441B830D21A390C3',
'0123456789')) |
+----------------------------------------------------------------------------------+
diff --git
a/versioned_docs/version-2.1/sql-manual/sql-functions/scalar-functions/encrypt-digest-functions/aes-decrypt.md
b/versioned_docs/version-2.1/sql-manual/sql-functions/scalar-functions/encrypt-digest-functions/aes-decrypt.md
index 127be097998..9cae0e8f588 100644
---
a/versioned_docs/version-2.1/sql-manual/sql-functions/scalar-functions/encrypt-digest-functions/aes-decrypt.md
+++
b/versioned_docs/version-2.1/sql-manual/sql-functions/scalar-functions/encrypt-digest-functions/aes-decrypt.md
@@ -26,6 +26,12 @@ under the License.
AES decryption function. This function behaves the same as the `AES_DECRYPT`
function in MySQL. The default algorithm is `AES_128_ECB`, and the padding mode
is `PKCS7`.
+:::warning
+Until 2.1.6, function with two arguments will ignore session variable
`block_encryption_mode` and always use `AES_128_ECB` to do decryption. So it's
not recommended to use it.
+
+Since 2.1.7, it works as expected.
+:::
+
## Syntax
```sql
@@ -47,12 +53,12 @@ If decryption is successful: Returns the decrypted data,
usually a binary repres
If decryption fails: Returns NULL.
-
## Examples
### Decryption successful
Using the default algorithm
+
```sql
set block_encryption_mode='';
select
aes_decrypt(from_base64('wr2JEDVXzL9+2XtRhgIloA=='),'F3229A0B371ED2D9441B830D21A390C3');
@@ -67,6 +73,7 @@ select
aes_decrypt(from_base64('wr2JEDVXzL9+2XtRhgIloA=='),'F3229A0B371ED2D9441B
```
Use AES_256_CBC algorithm
+
```sql
set block_encryption_mode="AES_256_CBC";
select
aes_decrypt(from_base64('3dym0E7/+1zbrLIaBVNHSw=='),'F3229A0B371ED2D9441B830D21A390C3');
@@ -81,6 +88,7 @@ select
aes_decrypt(from_base64('3dym0E7/+1zbrLIaBVNHSw=='),'F3229A0B371ED2D9441B
```
Use AES_256_CBC algorithm and set initial vector
+
```sql
select
AES_DECRYPT(FROM_BASE64('tsmK1HzbpnEdR2//WhO+MA=='),'F3229A0B371ED2D9441B830D21A390C3',
'0123456789');
```
@@ -105,4 +113,4 @@ select
AES_DECRYPT(FROM_BASE64('tsmK1H3zbpnEdR2//WhO+MA=='),'F3229A0B371ED2D9441
+-------------------------------------------------------------------------------------------+
| NULL
|
+-------------------------------------------------------------------------------------------+
-```
\ No newline at end of file
+```
diff --git
a/versioned_docs/version-2.1/sql-manual/sql-functions/scalar-functions/encrypt-digest-functions/aes-encrypt.md
b/versioned_docs/version-2.1/sql-manual/sql-functions/scalar-functions/encrypt-digest-functions/aes-encrypt.md
index 538aef73e07..24f300ff69a 100644
---
a/versioned_docs/version-2.1/sql-manual/sql-functions/scalar-functions/encrypt-digest-functions/aes-encrypt.md
+++
b/versioned_docs/version-2.1/sql-manual/sql-functions/scalar-functions/encrypt-digest-functions/aes-encrypt.md
@@ -27,10 +27,17 @@ under the License.
AES encryption function. This function behaves the same as the `AES_ENCRYPT`
function in MySQL. The default algorithm is `AES_128_ECB`, and the padding mode
is `PKCS7`.
The AES_ENCRYPT function does not use the passed key directly, but further
processes it. The specific steps are as follows:
+
1. Determine the number of bytes of the key according to the encryption
algorithm used. For example, if the AES_128_ECB algorithm is used, the number
of bytes of the key is `128 / 8 = 16` (if the AES_256_ECB algorithm is used,
the number of bytes of the key is `128 / 8 = 32`);
2. Then, for the key input by the user, the `i`th bit and the `16*k+i`th bit
are XORed. If the key input by the user is less than 16 bits, 0 is added at the
end.
3. Finally, use the newly generated key to encrypt;
+:::warning
+Until 2.1.6, function with two arguments will ignore session variable
`block_encryption_mode` and always use `AES_128_ECB` to do encryption. So it's
not recommended to use it.
+
+Since 2.1.7, it works as expected.
+:::
+
## Syntax
```sql
@@ -46,7 +53,6 @@ AES_ENCRYPT( <str>, <key_str>[, <init_vector>][,
<encryption_mode>])
| `<init_vector>` | It is the initial vector used in the algorithm. It is
only effective under specific algorithms. If not specified, Doris uses the
built-in vector
|
| `<encryption_mode>` | For encryption algorithms, optional values are given
in variables
|
-
## Return Value
Returns the encrypted binary data
@@ -54,6 +60,7 @@ Returns the encrypted binary data
## Examples
Using AES_128_ECB algorithm
+
```sql
set block_encryption_mode='';
select to_base64(aes_encrypt('text','F3229A0B371ED2D9441B830D21A390C3'));
@@ -68,6 +75,7 @@ select
to_base64(aes_encrypt('text','F3229A0B371ED2D9441B830D21A390C3'));
```
Use AES_256_CBC algorithm
+
```sql
set block_encryption_mode="AES_256_CBC";
select to_base64(aes_encrypt('text','F3229A0B371ED2D9441B830D21A390C3'));
@@ -82,6 +90,7 @@ select
to_base64(aes_encrypt('text','F3229A0B371ED2D9441B830D21A390C3'));
```
Use AES_256_CBC algorithm and set initial vector
+
```sql
select to_base64(aes_encrypt('text','F3229A0B371ED2D9441B830D21A390C3',
'0123456789'));
```
diff --git
a/versioned_docs/version-2.1/sql-manual/sql-functions/scalar-functions/encrypt-digest-functions/sm4-decrypt.md
b/versioned_docs/version-2.1/sql-manual/sql-functions/scalar-functions/encrypt-digest-functions/sm4-decrypt.md
index d712fae1899..e5080359392 100644
---
a/versioned_docs/version-2.1/sql-manual/sql-functions/scalar-functions/encrypt-digest-functions/sm4-decrypt.md
+++
b/versioned_docs/version-2.1/sql-manual/sql-functions/scalar-functions/encrypt-digest-functions/sm4-decrypt.md
@@ -26,13 +26,18 @@ under the License.
SM4 is a national standard symmetric key encryption algorithm, widely used in
finance, communications, e-commerce and other fields. The SM4_DECRYPT function
is used to decrypt data using SM4. The default algorithm is `SM4_128_ECB`.
+:::warning
+Until 2.1.6, function with two arguments will ignore session variable
`block_encryption_mode` and always use `SM4_128_ECB` to do decryption.
+
+Since 2.1.7, it works as expected.
+:::
+
## Syntax
```sql
SM4_DECRYPT( <str>, <key_str>[, <init_vector>][, <encryption_mode>])
```
-
## Parameters
| parameter | description
|
@@ -42,7 +47,6 @@ SM4_DECRYPT( <str>, <key_str>[, <init_vector>][,
<encryption_mode>])
| `<init_vector>` | It is the initial vector used in the algorithm. It is
only effective under specific algorithms. If not specified, Doris uses the
built-in vector
|
| `<encryption_mode>` | For encryption algorithms, optional values are given
in variables
|
-
## Return Value
If decryption is successful: Returns the decrypted data, usually a binary
representation of the plaintext.
@@ -54,6 +58,7 @@ If decryption fails: Returns NULL.
### Decryption successful
Using the default algorithm
+
```sql
set block_encryption_mode='';
select
SM4_DECRYPT(FROM_BASE64('aDjwRflBrDjhBZIOFNw3Tg=='),'F3229A0B371ED2D9441B830D21A390C3');
@@ -68,6 +73,7 @@ select
SM4_DECRYPT(FROM_BASE64('aDjwRflBrDjhBZIOFNw3Tg=='),'F3229A0B371ED2D9441B
```
Using SM4_128_CBC algorithm
+
```sql
set block_encryption_mode="SM4_128_CBC";
select
SM4_DECRYPT(FROM_BASE64('FSYstvOmH2cXy7B/072Mug=='),'F3229A0B371ED2D9441B830D21A390C3');
@@ -82,6 +88,7 @@ select
SM4_DECRYPT(FROM_BASE64('FSYstvOmH2cXy7B/072Mug=='),'F3229A0B371ED2D9441B
```
Use SM4_128_CBC algorithm and initial vector
+
```sql
select
SM4_DECRYPT(FROM_BASE64('1Y4NGIukSbv9OrkZnRD1bQ=='),'F3229A0B371ED2D9441B830D21A390C3',
'0123456789');
```
@@ -95,6 +102,7 @@ select
SM4_DECRYPT(FROM_BASE64('1Y4NGIukSbv9OrkZnRD1bQ=='),'F3229A0B371ED2D9441B
```
### Decryption failed
+
```sql
set block_encryption_mode='';
select
SM4_DECRYPT(FROM_BASE64('aDjwRflBrDjhBZIdOFNw3Tg=='),'F3229A0B371ED2D9441B830D21A390C3');
@@ -106,4 +114,4 @@ select
SM4_DECRYPT(FROM_BASE64('aDjwRflBrDjhBZIdOFNw3Tg=='),'F3229A0B371ED2D9441
+---------------------------------------------------------------------------------+
| NULL
|
+---------------------------------------------------------------------------------+
-```
\ No newline at end of file
+```
diff --git
a/versioned_docs/version-2.1/sql-manual/sql-functions/scalar-functions/encrypt-digest-functions/sm4-encrypt.md
b/versioned_docs/version-2.1/sql-manual/sql-functions/scalar-functions/encrypt-digest-functions/sm4-encrypt.md
index c08794132b7..dfbc2d55911 100644
---
a/versioned_docs/version-2.1/sql-manual/sql-functions/scalar-functions/encrypt-digest-functions/sm4-encrypt.md
+++
b/versioned_docs/version-2.1/sql-manual/sql-functions/scalar-functions/encrypt-digest-functions/sm4-encrypt.md
@@ -26,6 +26,12 @@ under the License.
SM4 is a national standard symmetric key encryption algorithm, widely used in
finance, communications, e-commerce and other fields. The SM4_ENCRYPT function
is used to encrypt data with SM4. The default algorithm is `SM4_128_ECB`.
+:::warning
+Until 2.1.6, function with two arguments will ignore session variable
`block_encryption_mode` and always use `SM4_128_ECB` to do encryption.
+
+Since 2.1.7, it works as expected.
+:::
+
## Syntax
```sql
@@ -41,7 +47,6 @@ SM4_ENCRYPT( <str>, <key_str>[, <init_vector>][,
<encryption_mode>])
| `<init_vector>` | It is the initial vector used in the algorithm. It is
only effective under specific algorithms. If not specified, Doris uses the
built-in vector
|
| `<encryption_mode>` | For encryption algorithms, optional values are given
in variables
|
-
## Return Value
Returns the encrypted binary data
@@ -49,6 +54,7 @@ Returns the encrypted binary data
## Examples
Using the default algorithm
+
```sql
set block_encryption_mode='';
select TO_BASE64(SM4_ENCRYPT('text','F3229A0B371ED2D9441B830D21A390C3'));
@@ -63,6 +69,7 @@ select
TO_BASE64(SM4_ENCRYPT('text','F3229A0B371ED2D9441B830D21A390C3'));
```
Using SM4_128_CBC algorithm
+
```sql
set block_encryption_mode="SM4_128_CBC";
select TO_BASE64(SM4_ENCRYPT('text','F3229A0B371ED2D9441B830D21A390C3'));
@@ -77,10 +84,12 @@ select
TO_BASE64(SM4_ENCRYPT('text','F3229A0B371ED2D9441B830D21A390C3'));
```
Use the SM4_128_CBC algorithm and set the initial vector
+
```sql
set block_encryption_mode="SM4_128_CBC";
select to_base64(SM4_ENCRYPT('text','F3229A0B371ED2D9441B830D21A390C3',
'0123456789'));
```
+
```text
+--------------------------------------------------------------------+
| to_base64(sm4_encrypt('text', '***', '0123456789', 'SM4_128_CBC')) |
diff --git
a/versioned_docs/version-3.0/sql-manual/sql-functions/scalar-functions/encrypt-digest-functions/aes-decrypt.md
b/versioned_docs/version-3.0/sql-manual/sql-functions/scalar-functions/encrypt-digest-functions/aes-decrypt.md
index 127be097998..61583b5dc2f 100644
---
a/versioned_docs/version-3.0/sql-manual/sql-functions/scalar-functions/encrypt-digest-functions/aes-decrypt.md
+++
b/versioned_docs/version-3.0/sql-manual/sql-functions/scalar-functions/encrypt-digest-functions/aes-decrypt.md
@@ -26,6 +26,12 @@ under the License.
AES decryption function. This function behaves the same as the `AES_DECRYPT`
function in MySQL. The default algorithm is `AES_128_ECB`, and the padding mode
is `PKCS7`.
+:::warning
+Until 3.0.2, function with two arguments will ignore session variable
`block_encryption_mode` and always use `AES_128_ECB` to do decryption. So it's
not recommended to use it.
+
+Since 3.0.3, it works as expected.
+:::
+
## Syntax
```sql
@@ -47,12 +53,12 @@ If decryption is successful: Returns the decrypted data,
usually a binary repres
If decryption fails: Returns NULL.
-
## Examples
### Decryption successful
Using the default algorithm
+
```sql
set block_encryption_mode='';
select
aes_decrypt(from_base64('wr2JEDVXzL9+2XtRhgIloA=='),'F3229A0B371ED2D9441B830D21A390C3');
@@ -67,6 +73,7 @@ select
aes_decrypt(from_base64('wr2JEDVXzL9+2XtRhgIloA=='),'F3229A0B371ED2D9441B
```
Use AES_256_CBC algorithm
+
```sql
set block_encryption_mode="AES_256_CBC";
select
aes_decrypt(from_base64('3dym0E7/+1zbrLIaBVNHSw=='),'F3229A0B371ED2D9441B830D21A390C3');
@@ -81,6 +88,7 @@ select
aes_decrypt(from_base64('3dym0E7/+1zbrLIaBVNHSw=='),'F3229A0B371ED2D9441B
```
Use AES_256_CBC algorithm and set initial vector
+
```sql
select
AES_DECRYPT(FROM_BASE64('tsmK1HzbpnEdR2//WhO+MA=='),'F3229A0B371ED2D9441B830D21A390C3',
'0123456789');
```
@@ -105,4 +113,4 @@ select
AES_DECRYPT(FROM_BASE64('tsmK1H3zbpnEdR2//WhO+MA=='),'F3229A0B371ED2D9441
+-------------------------------------------------------------------------------------------+
| NULL
|
+-------------------------------------------------------------------------------------------+
-```
\ No newline at end of file
+```
diff --git
a/versioned_docs/version-3.0/sql-manual/sql-functions/scalar-functions/encrypt-digest-functions/aes-encrypt.md
b/versioned_docs/version-3.0/sql-manual/sql-functions/scalar-functions/encrypt-digest-functions/aes-encrypt.md
index 219458e1994..63c6bdde053 100644
---
a/versioned_docs/version-3.0/sql-manual/sql-functions/scalar-functions/encrypt-digest-functions/aes-encrypt.md
+++
b/versioned_docs/version-3.0/sql-manual/sql-functions/scalar-functions/encrypt-digest-functions/aes-encrypt.md
@@ -22,16 +22,22 @@ specific language governing permissions and limitations
under the License.
-->
-
## Description
AES encryption function. This function behaves the same as the `AES_ENCRYPT`
function in MySQL. The default algorithm is `AES_128_ECB`, and the padding mode
is `PKCS7`.
The AES_ENCRYPT function does not use the passed key directly, but further
processes it. The specific steps are as follows:
+
1. Determine the number of bytes of the key according to the encryption
algorithm used. For example, if the AES_128_ECB algorithm is used, the number
of bytes of the key is `128 / 8 = 16` (if the AES_256_ECB algorithm is used,
the number of bytes of the key is `128 / 8 = 32`);
2. Then, for the key input by the user, the `i`th bit and the `16*k+i`th bit
are XORed. If the key input by the user is less than 16 bits, 0 is added at the
end.
3. Finally, use the newly generated key to encrypt;
+:::warning
+Until 3.0.2, function with two arguments will ignore session variable
`block_encryption_mode` and always use `AES_128_ECB` to do encryption. So it's
not recommended to use it.
+
+Since 3.0.3, it works as expected.
+:::
+
## Syntax
```sql
@@ -47,15 +53,14 @@ AES_ENCRYPT( <str>, <key_str>[, <init_vector>][,
<encryption_mode>])
| `<init_vector>` | It is the initial vector used in the algorithm. It is
only effective under specific algorithms. If not specified, Doris uses the
built-in vector
|
| `<encryption_mode>` | For encryption algorithms, optional values are given
in variables
|
-
## Return Value
Returns the encrypted binary data
-
## Examples
Using AES_128_ECB algorithm
+
```sql
set block_encryption_mode='';
select to_base64(aes_encrypt('text','F3229A0B371ED2D9441B830D21A390C3'));
@@ -70,6 +75,7 @@ select
to_base64(aes_encrypt('text','F3229A0B371ED2D9441B830D21A390C3'));
```
Use AES_256_CBC algorithm
+
```sql
set block_encryption_mode="AES_256_CBC";
select to_base64(aes_encrypt('text','F3229A0B371ED2D9441B830D21A390C3'));
@@ -84,6 +90,7 @@ select
to_base64(aes_encrypt('text','F3229A0B371ED2D9441B830D21A390C3'));
```
Use AES_256_CBC algorithm and set initial vector
+
```sql
select to_base64(aes_encrypt('text','F3229A0B371ED2D9441B830D21A390C3',
'0123456789'));
```
diff --git
a/versioned_docs/version-3.0/sql-manual/sql-functions/scalar-functions/encrypt-digest-functions/sm4-decrypt.md
b/versioned_docs/version-3.0/sql-manual/sql-functions/scalar-functions/encrypt-digest-functions/sm4-decrypt.md
index d712fae1899..c25b9d54f1b 100644
---
a/versioned_docs/version-3.0/sql-manual/sql-functions/scalar-functions/encrypt-digest-functions/sm4-decrypt.md
+++
b/versioned_docs/version-3.0/sql-manual/sql-functions/scalar-functions/encrypt-digest-functions/sm4-decrypt.md
@@ -26,13 +26,18 @@ under the License.
SM4 is a national standard symmetric key encryption algorithm, widely used in
finance, communications, e-commerce and other fields. The SM4_DECRYPT function
is used to decrypt data using SM4. The default algorithm is `SM4_128_ECB`.
+:::warning
+Until 3.0.2, function with two arguments will ignore session variable
`block_encryption_mode` and always use `SM4_128_ECB` to do decryption. So it's
not recommended to use it.
+
+Since 3.0.3, it works as expected.
+:::
+
## Syntax
```sql
SM4_DECRYPT( <str>, <key_str>[, <init_vector>][, <encryption_mode>])
```
-
## Parameters
| parameter | description
|
@@ -42,7 +47,6 @@ SM4_DECRYPT( <str>, <key_str>[, <init_vector>][,
<encryption_mode>])
| `<init_vector>` | It is the initial vector used in the algorithm. It is
only effective under specific algorithms. If not specified, Doris uses the
built-in vector
|
| `<encryption_mode>` | For encryption algorithms, optional values are given
in variables
|
-
## Return Value
If decryption is successful: Returns the decrypted data, usually a binary
representation of the plaintext.
@@ -54,6 +58,7 @@ If decryption fails: Returns NULL.
### Decryption successful
Using the default algorithm
+
```sql
set block_encryption_mode='';
select
SM4_DECRYPT(FROM_BASE64('aDjwRflBrDjhBZIOFNw3Tg=='),'F3229A0B371ED2D9441B830D21A390C3');
@@ -68,6 +73,7 @@ select
SM4_DECRYPT(FROM_BASE64('aDjwRflBrDjhBZIOFNw3Tg=='),'F3229A0B371ED2D9441B
```
Using SM4_128_CBC algorithm
+
```sql
set block_encryption_mode="SM4_128_CBC";
select
SM4_DECRYPT(FROM_BASE64('FSYstvOmH2cXy7B/072Mug=='),'F3229A0B371ED2D9441B830D21A390C3');
@@ -82,6 +88,7 @@ select
SM4_DECRYPT(FROM_BASE64('FSYstvOmH2cXy7B/072Mug=='),'F3229A0B371ED2D9441B
```
Use SM4_128_CBC algorithm and initial vector
+
```sql
select
SM4_DECRYPT(FROM_BASE64('1Y4NGIukSbv9OrkZnRD1bQ=='),'F3229A0B371ED2D9441B830D21A390C3',
'0123456789');
```
@@ -95,6 +102,7 @@ select
SM4_DECRYPT(FROM_BASE64('1Y4NGIukSbv9OrkZnRD1bQ=='),'F3229A0B371ED2D9441B
```
### Decryption failed
+
```sql
set block_encryption_mode='';
select
SM4_DECRYPT(FROM_BASE64('aDjwRflBrDjhBZIdOFNw3Tg=='),'F3229A0B371ED2D9441B830D21A390C3');
@@ -106,4 +114,4 @@ select
SM4_DECRYPT(FROM_BASE64('aDjwRflBrDjhBZIdOFNw3Tg=='),'F3229A0B371ED2D9441
+---------------------------------------------------------------------------------+
| NULL
|
+---------------------------------------------------------------------------------+
-```
\ No newline at end of file
+```
diff --git
a/versioned_docs/version-3.0/sql-manual/sql-functions/scalar-functions/encrypt-digest-functions/sm4-encrypt.md
b/versioned_docs/version-3.0/sql-manual/sql-functions/scalar-functions/encrypt-digest-functions/sm4-encrypt.md
index c08794132b7..f3bbc3d0270 100644
---
a/versioned_docs/version-3.0/sql-manual/sql-functions/scalar-functions/encrypt-digest-functions/sm4-encrypt.md
+++
b/versioned_docs/version-3.0/sql-manual/sql-functions/scalar-functions/encrypt-digest-functions/sm4-encrypt.md
@@ -26,6 +26,12 @@ under the License.
SM4 is a national standard symmetric key encryption algorithm, widely used in
finance, communications, e-commerce and other fields. The SM4_ENCRYPT function
is used to encrypt data with SM4. The default algorithm is `SM4_128_ECB`.
+:::warning
+Until 3.0.2, function with two arguments will ignore session variable
`block_encryption_mode` and always use `SM4_128_ECB` to do encryption. So it's
not recommended to use it.
+
+Since 3.0.3, it works as expected.
+:::
+
## Syntax
```sql
@@ -41,7 +47,6 @@ SM4_ENCRYPT( <str>, <key_str>[, <init_vector>][,
<encryption_mode>])
| `<init_vector>` | It is the initial vector used in the algorithm. It is
only effective under specific algorithms. If not specified, Doris uses the
built-in vector
|
| `<encryption_mode>` | For encryption algorithms, optional values are given
in variables
|
-
## Return Value
Returns the encrypted binary data
@@ -49,6 +54,7 @@ Returns the encrypted binary data
## Examples
Using the default algorithm
+
```sql
set block_encryption_mode='';
select TO_BASE64(SM4_ENCRYPT('text','F3229A0B371ED2D9441B830D21A390C3'));
@@ -63,6 +69,7 @@ select
TO_BASE64(SM4_ENCRYPT('text','F3229A0B371ED2D9441B830D21A390C3'));
```
Using SM4_128_CBC algorithm
+
```sql
set block_encryption_mode="SM4_128_CBC";
select TO_BASE64(SM4_ENCRYPT('text','F3229A0B371ED2D9441B830D21A390C3'));
@@ -77,10 +84,12 @@ select
TO_BASE64(SM4_ENCRYPT('text','F3229A0B371ED2D9441B830D21A390C3'));
```
Use the SM4_128_CBC algorithm and set the initial vector
+
```sql
set block_encryption_mode="SM4_128_CBC";
select to_base64(SM4_ENCRYPT('text','F3229A0B371ED2D9441B830D21A390C3',
'0123456789'));
```
+
```text
+--------------------------------------------------------------------+
| to_base64(sm4_encrypt('text', '***', '0123456789', 'SM4_128_CBC')) |
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@doris.apache.org
For additional commands, e-mail: commits-h...@doris.apache.org
