From 397cc011c4f1ba5a25c770258c13f1cd3f28b47d Mon Sep 17 00:00:00 2001 From: Xinyi Zou Date: Thu, 9 Mar 2023 09:51:41 +0800 Subject: [PATCH] [fix](function) fix AES/SM3/SM4 encrypt/ decrypt algorithm initialization vector bug (#17420) ECB algorithm, block_encryption_mode does not take effect, it only takes effect when init vector is provided. Solved: 192/256 supports calculation without init vector For other algorithms, an error should be reported when there is no init vector Initialization Vector. The default value for the block_encryption_mode system variable is aes-128-ecb, or ECB mode, which does not require an initialization vector. The alternative permitted block encryption modes CBC, CFB1, CFB8, CFB128, and OFB all require an initialization vector. Reference: https://dev.mysql.com/doc/refman/8.0/en/encryption-functions.html#function_aes-decrypt Note: This fix does not support smooth upgrades. during upgrade process, query may report error: funciton not found --- be/src/vec/functions/function_encryption.cpp | 14 ++- be/test/vec/function/function_string_test.cpp | 97 +++++++++++-------- .../encrypt-digest-functions/aes.md | 3 +- .../encrypt-digest-functions/aes.md | 3 +- .../doris/analysis/FunctionCallExpr.java | 12 ++- .../functions/FunctionBuilder.java | 2 +- .../functions/scalar/AesDecrypt.java | 12 ++- .../functions/scalar/AesEncrypt.java | 12 ++- .../functions/scalar/Sm4Decrypt.java | 2 + .../functions/scalar/Sm4Encrypt.java | 2 + gensrc/script/doris_builtins_functions.py | 16 +-- .../test_encryption_function.out | 47 ++------- .../test_encryption_function.out | 47 ++------- .../scalar_function/S.groovy | 40 ++++++-- .../test_encryption_function.groovy | 59 +++++------ .../test_encryption_function.groovy | 59 +++++------ 16 files changed, 232 insertions(+), 195 deletions(-) diff --git a/be/src/vec/functions/function_encryption.cpp b/be/src/vec/functions/function_encryption.cpp index a8ab9a9f876a37..339850f61d5d45 100644 --- a/be/src/vec/functions/function_encryption.cpp +++ b/be/src/vec/functions/function_encryption.cpp @@ -154,7 +154,8 @@ static void exectue_result(std::vector& offsets_li template struct EncryptionAndDecryptTwoImpl { static DataTypes get_variadic_argument_types_impl() { - return {std::make_shared(), std::make_shared()}; + return {std::make_shared(), std::make_shared(), + std::make_shared()}; } static Status vector_vector(std::vector& offsets_list, @@ -167,6 +168,17 @@ struct EncryptionAndDecryptTwoImpl { continue; } EncryptionMode encryption_mode = mode; + int mode_size = (*offsets_list[2])[i] - (*offsets_list[2])[i - 1]; + const auto mode_raw = + reinterpret_cast(&(*chars_list[2])[(*offsets_list[2])[i - 1]]); + if (mode_size != 0) { + std::string mode_str(mode_raw, mode_size); + if (aes_mode_map.count(mode_str) == 0) { + StringOP::push_null_string(i, result_data, result_offset, null_map); + continue; + } + encryption_mode = aes_mode_map.at(mode_str); + } exectue_result(offsets_list, chars_list, i, encryption_mode, nullptr, 0, result_data, result_offset, null_map); } diff --git a/be/test/vec/function/function_string_test.cpp b/be/test/vec/function/function_string_test.cpp index 42d759df7931aa..78168529135707 100644 --- a/be/test/vec/function/function_string_test.cpp +++ b/be/test/vec/function/function_string_test.cpp @@ -676,8 +676,9 @@ TEST(function_string_test, function_sm3sum_test) { TEST(function_string_test, function_aes_encrypt_test) { std::string func_name = "aes_encrypt"; { - InputTypeSet input_types = {TypeIndex::String, TypeIndex::String}; + InputTypeSet input_types = {TypeIndex::String, TypeIndex::String, TypeIndex::String}; + const char* mode = "AES_128_ECB"; const char* key = "doris"; const char* src[6] = {"aaaaaa", "bbbbbb", "cccccc", "dddddd", "eeeeee", ""}; std::string r[5]; @@ -692,13 +693,13 @@ TEST(function_string_test, function_aes_encrypt_test) { r[i] = std::string(p, outlen); } - DataSet data_set = {{{std::string(src[0]), std::string(key)}, r[0]}, - {{std::string(src[1]), std::string(key)}, r[1]}, - {{std::string(src[2]), std::string(key)}, r[2]}, - {{std::string(src[3]), std::string(key)}, r[3]}, - {{std::string(src[4]), std::string(key)}, r[4]}, - {{std::string(src[5]), std::string(key)}, Null()}, - {{Null(), std::string(key)}, Null()}}; + DataSet data_set = {{{std::string(src[0]), std::string(key), std::string(mode)}, r[0]}, + {{std::string(src[1]), std::string(key), std::string(mode)}, r[1]}, + {{std::string(src[2]), std::string(key), std::string(mode)}, r[2]}, + {{std::string(src[3]), std::string(key), std::string(mode)}, r[3]}, + {{std::string(src[4]), std::string(key), std::string(mode)}, r[4]}, + {{std::string(src[5]), std::string(key), std::string(mode)}, Null()}, + {{Null(), std::string(key), std::string(mode)}, Null()}}; check_function(func_name, input_types, data_set); } @@ -743,8 +744,9 @@ TEST(function_string_test, function_aes_encrypt_test) { TEST(function_string_test, function_aes_decrypt_test) { std::string func_name = "aes_decrypt"; { - InputTypeSet input_types = {TypeIndex::String, TypeIndex::String}; + InputTypeSet input_types = {TypeIndex::String, TypeIndex::String, TypeIndex::String}; + const char* mode = "AES_128_ECB"; const char* key = "doris"; const char* src[5] = {"aaaaaa", "bbbbbb", "cccccc", "dddddd", "eeeeee"}; std::string r[5]; @@ -759,12 +761,12 @@ TEST(function_string_test, function_aes_decrypt_test) { r[i] = std::string(p, outlen); } - DataSet data_set = {{{r[0], std::string(key)}, std::string(src[0])}, - {{r[1], std::string(key)}, std::string(src[1])}, - {{r[2], std::string(key)}, std::string(src[2])}, - {{r[3], std::string(key)}, std::string(src[3])}, - {{r[4], std::string(key)}, std::string(src[4])}, - {{Null(), std::string(key)}, Null()}}; + DataSet data_set = {{{r[0], std::string(key), std::string(mode)}, std::string(src[0])}, + {{r[1], std::string(key), std::string(mode)}, std::string(src[1])}, + {{r[2], std::string(key), std::string(mode)}, std::string(src[2])}, + {{r[3], std::string(key), std::string(mode)}, std::string(src[3])}, + {{r[4], std::string(key), std::string(mode)}, std::string(src[4])}, + {{Null(), std::string(key), std::string(mode)}, Null()}}; check_function(func_name, input_types, data_set); } @@ -806,29 +808,39 @@ TEST(function_string_test, function_aes_decrypt_test) { TEST(function_string_test, function_sm4_encrypt_test) { std::string func_name = "sm4_encrypt"; { - InputTypeSet input_types = {TypeIndex::String, TypeIndex::String}; + InputTypeSet input_types = {TypeIndex::String, TypeIndex::String, TypeIndex::String, + TypeIndex::String}; const char* key = "doris"; + const char* iv = "0123456789abcdef"; + const char* mode = "SM4_128_ECB"; const char* src[6] = {"aaaaaa", "bbbbbb", "cccccc", "dddddd", "eeeeee", ""}; std::string r[5]; for (int i = 0; i < 5; i++) { int cipher_len = strlen(src[i]) + 16; char p[cipher_len]; - - int outlen = EncryptionUtil::encrypt( - EncryptionMode::SM4_128_ECB, (unsigned char*)src[i], strlen(src[i]), - (unsigned char*)key, strlen(key), nullptr, 0, true, (unsigned char*)p); + int iv_len = 32; + std::unique_ptr init_vec; + init_vec.reset(new char[iv_len]); + std::memset(init_vec.get(), 0, strlen(iv) + 1); + memcpy(init_vec.get(), iv, strlen(iv)); + int outlen = + EncryptionUtil::encrypt(EncryptionMode::SM4_128_ECB, (unsigned char*)src[i], + strlen(src[i]), (unsigned char*)key, strlen(key), + init_vec.get(), strlen(iv), true, (unsigned char*)p); r[i] = std::string(p, outlen); } - DataSet data_set = {{{std::string(src[0]), std::string(key)}, r[0]}, - {{std::string(src[1]), std::string(key)}, r[1]}, - {{std::string(src[2]), std::string(key)}, r[2]}, - {{std::string(src[3]), std::string(key)}, r[3]}, - {{std::string(src[4]), std::string(key)}, r[4]}, - {{std::string(src[5]), std::string(key)}, Null()}, - {{Null(), std::string(key)}, Null()}}; + DataSet data_set = { + {{std::string(src[0]), std::string(key), std::string(iv), std::string(mode)}, r[0]}, + {{std::string(src[1]), std::string(key), std::string(iv), std::string(mode)}, r[1]}, + {{std::string(src[2]), std::string(key), std::string(iv), std::string(mode)}, r[2]}, + {{std::string(src[3]), std::string(key), std::string(iv), std::string(mode)}, r[3]}, + {{std::string(src[4]), std::string(key), std::string(iv), std::string(mode)}, r[4]}, + {{std::string(src[5]), std::string(key), std::string(iv), std::string(mode)}, + Null()}, + {{Null(), std::string(key), std::string(iv), std::string(mode)}, Null()}}; check_function(func_name, input_types, data_set); } @@ -875,28 +887,37 @@ TEST(function_string_test, function_sm4_encrypt_test) { TEST(function_string_test, function_sm4_decrypt_test) { std::string func_name = "sm4_decrypt"; { - InputTypeSet input_types = {TypeIndex::String, TypeIndex::String}; + InputTypeSet input_types = {TypeIndex::String, TypeIndex::String, TypeIndex::String, + TypeIndex::String}; const char* key = "doris"; + const char* iv = "0123456789abcdef"; + const char* mode = "SM4_128_ECB"; const char* src[5] = {"aaaaaa", "bbbbbb", "cccccc", "dddddd", "eeeeee"}; std::string r[5]; for (int i = 0; i < 5; i++) { int cipher_len = strlen(src[i]) + 16; char p[cipher_len]; - - int outlen = EncryptionUtil::encrypt( - EncryptionMode::SM4_128_ECB, (unsigned char*)src[i], strlen(src[i]), - (unsigned char*)key, strlen(key), nullptr, 0, true, (unsigned char*)p); + int iv_len = 32; + std::unique_ptr init_vec; + init_vec.reset(new char[iv_len]); + std::memset(init_vec.get(), 0, strlen(iv) + 1); + memcpy(init_vec.get(), iv, strlen(iv)); + int outlen = + EncryptionUtil::encrypt(EncryptionMode::SM4_128_ECB, (unsigned char*)src[i], + strlen(src[i]), (unsigned char*)key, strlen(key), + init_vec.get(), strlen(iv), true, (unsigned char*)p); r[i] = std::string(p, outlen); } - DataSet data_set = {{{r[0], std::string(key)}, std::string(src[0])}, - {{r[1], std::string(key)}, std::string(src[1])}, - {{r[2], std::string(key)}, std::string(src[2])}, - {{r[3], std::string(key)}, std::string(src[3])}, - {{r[4], std::string(key)}, std::string(src[4])}, - {{Null(), std::string(key)}, Null()}}; + DataSet data_set = { + {{r[0], std::string(key), std::string(iv), std::string(mode)}, std::string(src[0])}, + {{r[1], std::string(key), std::string(iv), std::string(mode)}, std::string(src[1])}, + {{r[2], std::string(key), std::string(iv), std::string(mode)}, std::string(src[2])}, + {{r[3], std::string(key), std::string(iv), std::string(mode)}, std::string(src[3])}, + {{r[4], std::string(key), std::string(iv), std::string(mode)}, std::string(src[4])}, + {{Null(), std::string(key), std::string(iv), std::string(mode)}, Null()}}; check_function(func_name, input_types, data_set); } diff --git a/docs/en/docs/sql-manual/sql-functions/encrypt-digest-functions/aes.md b/docs/en/docs/sql-manual/sql-functions/encrypt-digest-functions/aes.md index 26e079bd7d5a69..f92998df090123 100644 --- a/docs/en/docs/sql-manual/sql-functions/encrypt-digest-functions/aes.md +++ b/docs/en/docs/sql-manual/sql-functions/encrypt-digest-functions/aes.md @@ -31,6 +31,7 @@ AES_ENCRYPT ### description Encryption of data using the OpenSSL. This function is consistent with the `AES_ENCRYPT` function in MySQL. Using AES_128_ECB algorithm by default, and the padding mode is PKCS7. +Reference: https://dev.mysql.com/doc/refman/8.0/en/encryption-functions.html#function_aes-decrypt #### Syntax @@ -42,7 +43,7 @@ AES_ENCRYPT(str,key_str[,init_vector]) - `str`: Content to be encrypted - `key_str`: Secret key -- `init_vector`: Initialization Vector +- `init_vector`: Initialization Vector. The default value for the block_encryption_mode system variable is aes ecb mode, which does not require an initialization vector. The alternative permitted block encryption modes CBC, CFB1, CFB8, CFB128, and OFB all require an initialization vector. #### Return Type diff --git a/docs/zh-CN/docs/sql-manual/sql-functions/encrypt-digest-functions/aes.md b/docs/zh-CN/docs/sql-manual/sql-functions/encrypt-digest-functions/aes.md index c8643430a635c6..a3257674f90614 100644 --- a/docs/zh-CN/docs/sql-manual/sql-functions/encrypt-digest-functions/aes.md +++ b/docs/zh-CN/docs/sql-manual/sql-functions/encrypt-digest-functions/aes.md @@ -31,6 +31,7 @@ AES_ENCRYPT ### Description Aes 加密函数。该函数与 MySQL 中的 `AES_ENCRYPT` 函数行为一致。默认采用 AES_128_ECB 算法,padding 模式为 PKCS7。底层使用 OpenSSL 库进行加密。 +Reference: https://dev.mysql.com/doc/refman/8.0/en/encryption-functions.html#function_aes-decrypt #### Syntax @@ -42,7 +43,7 @@ AES_ENCRYPT(str,key_str[,init_vector]) - `str`: 待加密的内容 - `key_str`: 密钥 -- `init_vector`: 初始向量 +- `init_vector`: 初始向量。block_encryption_mode 默认值为 aes-128-ecb,它不需要初始向量,可选的块加密模式 CBC、CFB1、CFB8、CFB128 和 OFB 都需要一个初始向量。 #### Return Type diff --git a/fe/fe-core/src/main/java/org/apache/doris/analysis/FunctionCallExpr.java b/fe/fe-core/src/main/java/org/apache/doris/analysis/FunctionCallExpr.java index 7cd827c3533c99..b1e46334d52b40 100644 --- a/fe/fe-core/src/main/java/org/apache/doris/analysis/FunctionCallExpr.java +++ b/fe/fe-core/src/main/java/org/apache/doris/analysis/FunctionCallExpr.java @@ -939,7 +939,7 @@ private void analyzeBuiltinAggFunction(Analyzer analyzer) throws AnalysisExcepti || fnName.getFunction().equalsIgnoreCase("aes_encrypt") || fnName.getFunction().equalsIgnoreCase("sm4_decrypt") || fnName.getFunction().equalsIgnoreCase("sm4_encrypt")) - && children.size() == 3) { + && (children.size() == 2 || children.size() == 3)) { String blockEncryptionMode = ""; Set aesModes = new HashSet<>(Arrays.asList( "AES_128_ECB", @@ -985,6 +985,12 @@ private void analyzeBuiltinAggFunction(Analyzer analyzer) throws AnalysisExcepti throw new AnalysisException("session variable block_encryption_mode is invalid with aes"); } + if (children.size() == 2 && !blockEncryptionMode.toUpperCase().equals("AES_128_ECB") + && !blockEncryptionMode.toUpperCase().equals("AES_192_ECB") + && !blockEncryptionMode.toUpperCase().equals("AES_256_ECB")) { + throw new AnalysisException("Incorrect parameter count in the call to native function " + + "'aes_encrypt' or 'aes_decrypt'"); + } } if (fnName.getFunction().equalsIgnoreCase("sm4_decrypt") || fnName.getFunction().equalsIgnoreCase("sm4_encrypt")) { @@ -995,6 +1001,10 @@ private void analyzeBuiltinAggFunction(Analyzer analyzer) throws AnalysisExcepti throw new AnalysisException("session variable block_encryption_mode is invalid with sm4"); } + if (children.size() == 2) { + throw new AnalysisException("Incorrect parameter count in the call to native function " + + "'sm4_encrypt' or 'sm4_decrypt'"); + } } } children.add(new StringLiteral(blockEncryptionMode)); diff --git a/fe/fe-core/src/main/java/org/apache/doris/nereids/trees/expressions/functions/FunctionBuilder.java b/fe/fe-core/src/main/java/org/apache/doris/nereids/trees/expressions/functions/FunctionBuilder.java index d2ead858e1f5ab..037174119f5c1b 100644 --- a/fe/fe-core/src/main/java/org/apache/doris/nereids/trees/expressions/functions/FunctionBuilder.java +++ b/fe/fe-core/src/main/java/org/apache/doris/nereids/trees/expressions/functions/FunctionBuilder.java @@ -107,7 +107,7 @@ public BoundFunction build(String name, List arguments) { }) .collect(Collectors.joining(", ", "(", ")")); throw new IllegalStateException("Can not build function: '" + name - + "', expression: " + name + argString, t); + + "', expression: " + name + argString + ", " + t.getCause().getMessage(), t); } } diff --git a/fe/fe-core/src/main/java/org/apache/doris/nereids/trees/expressions/functions/scalar/AesDecrypt.java b/fe/fe-core/src/main/java/org/apache/doris/nereids/trees/expressions/functions/scalar/AesDecrypt.java index a3109ab3e24735..ccc87cc8978301 100644 --- a/fe/fe-core/src/main/java/org/apache/doris/nereids/trees/expressions/functions/scalar/AesDecrypt.java +++ b/fe/fe-core/src/main/java/org/apache/doris/nereids/trees/expressions/functions/scalar/AesDecrypt.java @@ -54,8 +54,18 @@ public class AesDecrypt extends AesCryptoFunction { .args(StringType.INSTANCE, StringType.INSTANCE, StringType.INSTANCE, StringType.INSTANCE) ); + /** + * Some javadoc for checkstyle... + */ public AesDecrypt(Expression arg0, Expression arg1) { - super("aes_decrypt", arg0, arg1); + super("aes_decrypt", arg0, arg1, getDefaultBlockEncryptionMode()); + String blockEncryptionMode = String.valueOf(getDefaultBlockEncryptionMode()); + if (!blockEncryptionMode.toUpperCase().equals("'AES_128_ECB'") + && !blockEncryptionMode.toUpperCase().equals("'AES_192_ECB'") + && !blockEncryptionMode.toUpperCase().equals("'AES_256_ECB'")) { + throw new AnalysisException("Incorrect parameter count in the call to native function " + + "'aes_encrypt' or 'aes_decrypt'"); + } } public AesDecrypt(Expression arg0, Expression arg1, Expression arg2) { diff --git a/fe/fe-core/src/main/java/org/apache/doris/nereids/trees/expressions/functions/scalar/AesEncrypt.java b/fe/fe-core/src/main/java/org/apache/doris/nereids/trees/expressions/functions/scalar/AesEncrypt.java index 1a0ef5b4010aa6..a9a59ebcb86639 100644 --- a/fe/fe-core/src/main/java/org/apache/doris/nereids/trees/expressions/functions/scalar/AesEncrypt.java +++ b/fe/fe-core/src/main/java/org/apache/doris/nereids/trees/expressions/functions/scalar/AesEncrypt.java @@ -54,8 +54,18 @@ public class AesEncrypt extends AesCryptoFunction { .args(StringType.INSTANCE, StringType.INSTANCE, StringType.INSTANCE, StringType.INSTANCE) ); + /** + * Some javadoc for checkstyle... + */ public AesEncrypt(Expression arg0, Expression arg1) { - super("aes_encrypt", arg0, arg1); + super("aes_encrypt", arg0, arg1, getDefaultBlockEncryptionMode()); + String blockEncryptionMode = String.valueOf(getDefaultBlockEncryptionMode()); + if (!blockEncryptionMode.toUpperCase().equals("'AES_128_ECB'") + && !blockEncryptionMode.toUpperCase().equals("'AES_192_ECB'") + && !blockEncryptionMode.toUpperCase().equals("'AES_256_ECB'")) { + throw new AnalysisException("Incorrect parameter count in the call to native function " + + "'aes_encrypt' or 'aes_decrypt'"); + } } public AesEncrypt(Expression arg0, Expression arg1, Expression arg2) { diff --git a/fe/fe-core/src/main/java/org/apache/doris/nereids/trees/expressions/functions/scalar/Sm4Decrypt.java b/fe/fe-core/src/main/java/org/apache/doris/nereids/trees/expressions/functions/scalar/Sm4Decrypt.java index 931cdee9e7d58e..bb96d7281bebf4 100644 --- a/fe/fe-core/src/main/java/org/apache/doris/nereids/trees/expressions/functions/scalar/Sm4Decrypt.java +++ b/fe/fe-core/src/main/java/org/apache/doris/nereids/trees/expressions/functions/scalar/Sm4Decrypt.java @@ -64,6 +64,8 @@ public class Sm4Decrypt extends Sm4CryptoFunction { */ public Sm4Decrypt(Expression arg0, Expression arg1) { super("sm4_decrypt", arg0, arg1); + throw new AnalysisException("Incorrect parameter count in the call to native function " + + "'sm4_encrypt' or 'sm4_decrypt'"); } /** diff --git a/fe/fe-core/src/main/java/org/apache/doris/nereids/trees/expressions/functions/scalar/Sm4Encrypt.java b/fe/fe-core/src/main/java/org/apache/doris/nereids/trees/expressions/functions/scalar/Sm4Encrypt.java index f14593c0284f43..5ac3ba8f2dd698 100644 --- a/fe/fe-core/src/main/java/org/apache/doris/nereids/trees/expressions/functions/scalar/Sm4Encrypt.java +++ b/fe/fe-core/src/main/java/org/apache/doris/nereids/trees/expressions/functions/scalar/Sm4Encrypt.java @@ -59,6 +59,8 @@ public class Sm4Encrypt extends Sm4CryptoFunction { */ public Sm4Encrypt(Expression arg0, Expression arg1) { super("sm4_encrypt", arg0, arg1); + throw new AnalysisException("Incorrect parameter count in the call to native function " + + "'sm4_encrypt' or 'sm4_decrypt'"); } /** diff --git a/gensrc/script/doris_builtins_functions.py b/gensrc/script/doris_builtins_functions.py index f14bb626880522..bab1980864cea6 100644 --- a/gensrc/script/doris_builtins_functions.py +++ b/gensrc/script/doris_builtins_functions.py @@ -1517,21 +1517,21 @@ [['murmur_hash3_64'], 'BIGINT', ['STRING', '...'], ''], # aes and base64 function - [['aes_encrypt'], 'VARCHAR', ['VARCHAR', 'VARCHAR'], 'ALWAYS_NULLABLE'], - [['aes_decrypt'], 'VARCHAR', ['VARCHAR', 'VARCHAR'], 'ALWAYS_NULLABLE'], + [['aes_encrypt'], 'VARCHAR', ['VARCHAR', 'VARCHAR', 'VARCHAR'], 'ALWAYS_NULLABLE'], + [['aes_decrypt'], 'VARCHAR', ['VARCHAR', 'VARCHAR', 'VARCHAR'], 'ALWAYS_NULLABLE'], [['aes_encrypt'], 'VARCHAR', ['VARCHAR', 'VARCHAR', 'VARCHAR', 'VARCHAR'], 'ALWAYS_NULLABLE'], [['aes_decrypt'], 'VARCHAR', ['VARCHAR', 'VARCHAR', 'VARCHAR', 'VARCHAR'], 'ALWAYS_NULLABLE'], - [['sm4_encrypt'], 'VARCHAR', ['VARCHAR', 'VARCHAR'], 'ALWAYS_NULLABLE'], - [['sm4_decrypt'], 'VARCHAR', ['VARCHAR', 'VARCHAR'], 'ALWAYS_NULLABLE'], + [['sm4_encrypt'], 'VARCHAR', ['VARCHAR', 'VARCHAR', 'VARCHAR'], 'ALWAYS_NULLABLE'], + [['sm4_decrypt'], 'VARCHAR', ['VARCHAR', 'VARCHAR', 'VARCHAR'], 'ALWAYS_NULLABLE'], [['sm4_encrypt'], 'VARCHAR', ['VARCHAR', 'VARCHAR', 'VARCHAR', 'VARCHAR'], 'ALWAYS_NULLABLE'], [['sm4_decrypt'], 'VARCHAR', ['VARCHAR', 'VARCHAR', 'VARCHAR', 'VARCHAR'], 'ALWAYS_NULLABLE'], [['from_base64'], 'VARCHAR', ['VARCHAR'], 'ALWAYS_NULLABLE'], - [['aes_encrypt'], 'STRING', ['STRING', 'STRING'], 'ALWAYS_NULLABLE'], - [['aes_decrypt'], 'STRING', ['STRING', 'STRING'], 'ALWAYS_NULLABLE'], + [['aes_encrypt'], 'STRING', ['STRING', 'STRING', 'STRING'], 'ALWAYS_NULLABLE'], + [['aes_decrypt'], 'STRING', ['STRING', 'STRING', 'STRING'], 'ALWAYS_NULLABLE'], [['aes_encrypt'], 'STRING', ['STRING', 'STRING', 'STRING', 'STRING'], 'ALWAYS_NULLABLE'], [['aes_decrypt'], 'STRING', ['STRING', 'STRING', 'STRING', 'STRING'], 'ALWAYS_NULLABLE'], - [['sm4_encrypt'], 'STRING', ['STRING', 'STRING'], 'ALWAYS_NULLABLE'], - [['sm4_decrypt'], 'STRING', ['STRING', 'STRING'], 'ALWAYS_NULLABLE'], + [['sm4_encrypt'], 'STRING', ['STRING', 'STRING', 'STRING'], 'ALWAYS_NULLABLE'], + [['sm4_decrypt'], 'STRING', ['STRING', 'STRING', 'STRING'], 'ALWAYS_NULLABLE'], [['sm4_encrypt'], 'STRING', ['STRING', 'STRING', 'STRING', 'STRING'], 'ALWAYS_NULLABLE'], [['sm4_decrypt'], 'STRING', ['STRING', 'STRING', 'STRING', 'STRING'], 'ALWAYS_NULLABLE'], [['from_base64'], 'STRING', ['STRING'], 'ALWAYS_NULLABLE'], diff --git a/regression-test/data/nereids_p0/sql_functions/encryption_digest/test_encryption_function.out b/regression-test/data/nereids_p0/sql_functions/encryption_digest/test_encryption_function.out index eefeb3c0406bbd..08d2ea1af6e776 100644 --- a/regression-test/data/nereids_p0/sql_functions/encryption_digest/test_encryption_function.out +++ b/regression-test/data/nereids_p0/sql_functions/encryption_digest/test_encryption_function.out @@ -3,7 +3,7 @@ wr2JEDVXzL9+2XtRhgIloA== -- !sql -- -tsmK1HzbpnEdR2//WhO+MA== +wr2JEDVXzL9+2XtRhgIloA== -- !sql -- text @@ -12,67 +12,34 @@ text \N -- !sql -- -900150983cd24fb0d6963f7d28e17f72 - --- !sql -- -e2fc714c4727ee9395f324cd2e7f331f - --- !sql -- -e2fc714c4727ee9395f324cd2e7f331f +BO2vxHeUcw5BQQalSBbo1w== -- !sql -- -aDjwRflBrDjhBZIOFNw3Tg== - --- !sql -- -1Y4NGIukSbv9OrkZnRD1bQ== - --- !sql -- -text +BO2vxHeUcw5BQQalSBbo1w== -- !sql -- \N -- !sql -- -66c7f0f462eeedd9d1f2d46bdc10e4e24167c4875cf2f7a2297da02b8f4ba8e0 - --- !sql -- -82ec580fe6d36ae4f81cae3c73f4a5b3b5a09c943172dc9053c69fd8e18dca1e - --- !sql -- -82ec580fe6d36ae4f81cae3c73f4a5b3b5a09c943172dc9053c69fd8e18dca1e - --- !sql -- -wr2JEDVXzL9+2XtRhgIloA== +text -- !sql -- tsmK1HzbpnEdR2//WhO+MA== --- !sql -- -text - -- !sql -- \N -- !sql -- -900150983cd24fb0d6963f7d28e17f72 - --- !sql -- -e2fc714c4727ee9395f324cd2e7f331f - --- !sql -- -e2fc714c4727ee9395f324cd2e7f331f - --- !sql -- -aDjwRflBrDjhBZIOFNw3Tg== +text -- !sql -- 1Y4NGIukSbv9OrkZnRD1bQ== -- !sql -- -text +\N -- !sql -- -\N +text -- !sql -- 66c7f0f462eeedd9d1f2d46bdc10e4e24167c4875cf2f7a2297da02b8f4ba8e0 diff --git a/regression-test/data/query_p0/sql_functions/encryption_digest/test_encryption_function.out b/regression-test/data/query_p0/sql_functions/encryption_digest/test_encryption_function.out index eefeb3c0406bbd..08d2ea1af6e776 100644 --- a/regression-test/data/query_p0/sql_functions/encryption_digest/test_encryption_function.out +++ b/regression-test/data/query_p0/sql_functions/encryption_digest/test_encryption_function.out @@ -3,7 +3,7 @@ wr2JEDVXzL9+2XtRhgIloA== -- !sql -- -tsmK1HzbpnEdR2//WhO+MA== +wr2JEDVXzL9+2XtRhgIloA== -- !sql -- text @@ -12,67 +12,34 @@ text \N -- !sql -- -900150983cd24fb0d6963f7d28e17f72 - --- !sql -- -e2fc714c4727ee9395f324cd2e7f331f - --- !sql -- -e2fc714c4727ee9395f324cd2e7f331f +BO2vxHeUcw5BQQalSBbo1w== -- !sql -- -aDjwRflBrDjhBZIOFNw3Tg== - --- !sql -- -1Y4NGIukSbv9OrkZnRD1bQ== - --- !sql -- -text +BO2vxHeUcw5BQQalSBbo1w== -- !sql -- \N -- !sql -- -66c7f0f462eeedd9d1f2d46bdc10e4e24167c4875cf2f7a2297da02b8f4ba8e0 - --- !sql -- -82ec580fe6d36ae4f81cae3c73f4a5b3b5a09c943172dc9053c69fd8e18dca1e - --- !sql -- -82ec580fe6d36ae4f81cae3c73f4a5b3b5a09c943172dc9053c69fd8e18dca1e - --- !sql -- -wr2JEDVXzL9+2XtRhgIloA== +text -- !sql -- tsmK1HzbpnEdR2//WhO+MA== --- !sql -- -text - -- !sql -- \N -- !sql -- -900150983cd24fb0d6963f7d28e17f72 - --- !sql -- -e2fc714c4727ee9395f324cd2e7f331f - --- !sql -- -e2fc714c4727ee9395f324cd2e7f331f - --- !sql -- -aDjwRflBrDjhBZIOFNw3Tg== +text -- !sql -- 1Y4NGIukSbv9OrkZnRD1bQ== -- !sql -- -text +\N -- !sql -- -\N +text -- !sql -- 66c7f0f462eeedd9d1f2d46bdc10e4e24167c4875cf2f7a2297da02b8f4ba8e0 diff --git a/regression-test/suites/nereids_function_p0/scalar_function/S.groovy b/regression-test/suites/nereids_function_p0/scalar_function/S.groovy index e97e48ce415d22..9c59b29623cfcb 100644 --- a/regression-test/suites/nereids_function_p0/scalar_function/S.groovy +++ b/regression-test/suites/nereids_function_p0/scalar_function/S.groovy @@ -97,10 +97,22 @@ suite("nereids_scalar_fn_S") { qt_sql_sm3sum_Varchar_notnull "select sm3sum(kvchrs1) from fn_test_not_nullable order by kvchrs1" qt_sql_sm3sum_String "select sm3sum(kstr) from fn_test order by kstr" qt_sql_sm3sum_String_notnull "select sm3sum(kstr) from fn_test_not_nullable order by kstr" - sql "select sm4_decrypt(kvchrs1, kvchrs1) from fn_test order by kvchrs1, kvchrs1" - sql "select sm4_decrypt(kvchrs1, kvchrs1) from fn_test_not_nullable order by kvchrs1, kvchrs1" - sql "select sm4_decrypt(kstr, kstr) from fn_test order by kstr, kstr" - sql "select sm4_decrypt(kstr, kstr) from fn_test_not_nullable order by kstr, kstr" + test { + sql "select sm4_decrypt(kvchrs1, kvchrs1) from fn_test order by kvchrs1, kvchrs1" + exception "Incorrect parameter count in the call to native function 'sm4_encrypt' or 'sm4_decrypt'" + } + test { + sql "select sm4_decrypt(kvchrs1, kvchrs1) from fn_test_not_nullable order by kvchrs1, kvchrs1" + exception "Incorrect parameter count in the call to native function 'sm4_encrypt' or 'sm4_decrypt'" + } + test { + sql "select sm4_decrypt(kstr, kstr) from fn_test order by kstr, kstr" + exception "Incorrect parameter count in the call to native function 'sm4_encrypt' or 'sm4_decrypt'" + } + test { + sql "select sm4_decrypt(kstr, kstr) from fn_test_not_nullable order by kstr, kstr" + exception "Incorrect parameter count in the call to native function 'sm4_encrypt' or 'sm4_decrypt'" + } sql "select sm4_decrypt(kvchrs1, kvchrs1, kvchrs1) from fn_test order by kvchrs1, kvchrs1, kvchrs1" sql "select sm4_decrypt(kvchrs1, kvchrs1, kvchrs1) from fn_test_not_nullable order by kvchrs1, kvchrs1, kvchrs1" sql "select sm4_decrypt(kstr, kstr, kstr) from fn_test order by kstr, kstr, kstr" @@ -109,10 +121,22 @@ suite("nereids_scalar_fn_S") { sql "select sm4_decrypt(kvchrs1, kvchrs1, kvchrs1, 'SM4_128_ECB') from fn_test_not_nullable order by kvchrs1, kvchrs1, kvchrs1" sql "select sm4_decrypt(kstr, kstr, kstr, 'SM4_128_ECB') from fn_test order by kstr, kstr, kstr" sql "select sm4_decrypt(kstr, kstr, kstr, 'SM4_128_ECB') from fn_test_not_nullable order by kstr, kstr, kstr" - sql "select sm4_encrypt(kvchrs1, kvchrs1) from fn_test order by kvchrs1, kvchrs1" - sql "select sm4_encrypt(kvchrs1, kvchrs1) from fn_test_not_nullable order by kvchrs1, kvchrs1" - sql "select sm4_encrypt(kstr, kstr) from fn_test order by kstr, kstr" - sql "select sm4_encrypt(kstr, kstr) from fn_test_not_nullable order by kstr, kstr" + test { + sql "select sm4_encrypt(kvchrs1, kvchrs1) from fn_test order by kvchrs1, kvchrs1" + exception "Incorrect parameter count in the call to native function 'sm4_encrypt' or 'sm4_decrypt'" + } + test { + sql "select sm4_encrypt(kvchrs1, kvchrs1) from fn_test_not_nullable order by kvchrs1, kvchrs1" + exception "Incorrect parameter count in the call to native function 'sm4_encrypt' or 'sm4_decrypt'" + } + test { + sql "select sm4_encrypt(kstr, kstr) from fn_test order by kstr, kstr" + exception "Incorrect parameter count in the call to native function 'sm4_encrypt' or 'sm4_decrypt'" + } + test { + sql "select sm4_encrypt(kstr, kstr) from fn_test_not_nullable order by kstr, kstr" + exception "Incorrect parameter count in the call to native function 'sm4_encrypt' or 'sm4_decrypt'" + } sql "select sm4_encrypt(kvchrs1, kvchrs1, kvchrs1) from fn_test order by kvchrs1, kvchrs1, kvchrs1" sql "select sm4_encrypt(kvchrs1, kvchrs1, kvchrs1) from fn_test_not_nullable order by kvchrs1, kvchrs1, kvchrs1" sql "select sm4_encrypt(kstr, kstr, kstr) from fn_test order by kstr, kstr, kstr" diff --git a/regression-test/suites/nereids_p0/sql_functions/encryption_digest/test_encryption_function.groovy b/regression-test/suites/nereids_p0/sql_functions/encryption_digest/test_encryption_function.groovy index e2bcd55f2c380d..0003b65e547dba 100644 --- a/regression-test/suites/nereids_p0/sql_functions/encryption_digest/test_encryption_function.groovy +++ b/regression-test/suites/nereids_p0/sql_functions/encryption_digest/test_encryption_function.groovy @@ -17,48 +17,53 @@ suite("test_encryption_function") { sql "SET enable_nereids_planner=true" - sql "SET enable_vectorized_engine=true" - sql "SET enable_fallback_to_original_planner=false" sql "set batch_size = 4096;" - sql "set block_encryption_mode=\"AES_256_CBC\";" + sql "set block_encryption_mode=\"AES_128_ECB\";" qt_sql "SELECT TO_BASE64(AES_ENCRYPT('text','F3229A0B371ED2D9441B830D21A390C3'));" qt_sql "SELECT TO_BASE64(AES_ENCRYPT('text','F3229A0B371ED2D9441B830D21A390C3', '0123456789'));" qt_sql "SELECT AES_DECRYPT(FROM_BASE64('wr2JEDVXzL9+2XtRhgIloA=='),'F3229A0B371ED2D9441B830D21A390C3');" qt_sql "SELECT AES_DECRYPT(FROM_BASE64('mvZT1KJw7N0RJf27aipUpg=='),'F3229A0B371ED2D9441B830D21A390C3', '0123456789');" + test { + sql "SELECT TO_BASE64(SM4_ENCRYPT('text','F3229A0B371ED2D9441B830D21A390C3'));" + exception "session variable block_encryption_mode is invalid with sm4" + } - qt_sql "SELECT MD5(\"abc\");" - - qt_sql "SELECT MD5(\"abcd\");" - qt_sql "SELECT MD5SUM(\"ab\",\"cd\");" - - sql "set block_encryption_mode=\"SM4_128_CBC\";" - qt_sql "SELECT TO_BASE64(SM4_ENCRYPT('text','F3229A0B371ED2D9441B830D21A390C3'));" - qt_sql "SELECT TO_BASE64(SM4_ENCRYPT('text','F3229A0B371ED2D9441B830D21A390C3', '0123456789'));" - qt_sql "SELECT SM4_DECRYPT(FROM_BASE64('aDjwRflBrDjhBZIOFNw3Tg=='),'F3229A0B371ED2D9441B830D21A390C3');" - qt_sql "SELECT SM4_DECRYPT(FROM_BASE64('G7yqOKfEyxdagboz6Qf01A=='),'F3229A0B371ED2D9441B830D21A390C3', '0123456789');" - - qt_sql "SELECT SM3(\"abc\");" - qt_sql "select sm3(\"abcd\");" - qt_sql "select sm3sum(\"ab\",\"cd\");" - - - sql "set block_encryption_mode=\"AES_256_CBC\";" + sql "set block_encryption_mode=\"AES_256_ECB\";" qt_sql "SELECT TO_BASE64(AES_ENCRYPT('text','F3229A0B371ED2D9441B830D21A390C3'));" qt_sql "SELECT TO_BASE64(AES_ENCRYPT('text','F3229A0B371ED2D9441B830D21A390C3', '0123456789'));" qt_sql "SELECT AES_DECRYPT(FROM_BASE64('wr2JEDVXzL9+2XtRhgIloA=='),'F3229A0B371ED2D9441B830D21A390C3');" - qt_sql "SELECT AES_DECRYPT(FROM_BASE64('mvZT1KJw7N0RJf27aipUpg=='),'F3229A0B371ED2D9441B830D21A390C3', '0123456789');" + qt_sql "SELECT AES_DECRYPT(FROM_BASE64('BO2vxHeUcw5BQQalSBbo1w=='),'F3229A0B371ED2D9441B830D21A390C3');" - qt_sql "SELECT MD5(\"abc\");" - - qt_sql "SELECT MD5(\"abcd\");" - qt_sql "SELECT MD5SUM(\"ab\",\"cd\");" + sql "set block_encryption_mode=\"AES_256_CBC\";" + test { + sql "SELECT TO_BASE64(AES_ENCRYPT('text','F3229A0B371ED2D9441B830D21A390C3'));" + exception "Incorrect parameter count in the call to native function 'aes_encrypt' or 'aes_decrypt'" + } + qt_sql "SELECT TO_BASE64(AES_ENCRYPT('text','F3229A0B371ED2D9441B830D21A390C3', '0123456789'));" + test { + sql "SELECT AES_DECRYPT(FROM_BASE64('wr2JEDVXzL9+2XtRhgIloA=='),'F3229A0B371ED2D9441B830D21A390C3');" + exception "Incorrect parameter count in the call to native function 'aes_encrypt' or 'aes_decrypt'" + } + qt_sql "SELECT AES_DECRYPT(FROM_BASE64('mvZT1KJw7N0RJf27aipUpg=='),'F3229A0B371ED2D9441B830D21A390C3', '0123456789');" + qt_sql "SELECT AES_DECRYPT(FROM_BASE64('tsmK1HzbpnEdR2//WhO+MA=='),'F3229A0B371ED2D9441B830D21A390C3', '0123456789');" sql "set block_encryption_mode=\"SM4_128_CBC\";" - qt_sql "SELECT TO_BASE64(SM4_ENCRYPT('text','F3229A0B371ED2D9441B830D21A390C3'));" + test { + sql "SELECT TO_BASE64(SM4_ENCRYPT('text','F3229A0B371ED2D9441B830D21A390C3'));" + exception "Incorrect parameter count in the call to native function 'sm4_encrypt' or 'sm4_decrypt'" + } qt_sql "SELECT TO_BASE64(SM4_ENCRYPT('text','F3229A0B371ED2D9441B830D21A390C3', '0123456789'));" - qt_sql "SELECT SM4_DECRYPT(FROM_BASE64('aDjwRflBrDjhBZIOFNw3Tg=='),'F3229A0B371ED2D9441B830D21A390C3');" + test { + sql "SELECT SM4_DECRYPT(FROM_BASE64('aDjwRflBrDjhBZIOFNw3Tg=='),'F3229A0B371ED2D9441B830D21A390C3');" + exception "Incorrect parameter count in the call to native function 'sm4_encrypt' or 'sm4_decrypt'" + } qt_sql "SELECT SM4_DECRYPT(FROM_BASE64('G7yqOKfEyxdagboz6Qf01A=='),'F3229A0B371ED2D9441B830D21A390C3', '0123456789');" + qt_sql "SELECT SM4_DECRYPT(FROM_BASE64('1Y4NGIukSbv9OrkZnRD1bQ=='),'F3229A0B371ED2D9441B830D21A390C3', '0123456789');" + test { + sql "SELECT TO_BASE64(AES_ENCRYPT('text','F3229A0B371ED2D9441B830D21A390C3'));" + exception "session variable block_encryption_mode is invalid with aes" + } qt_sql "SELECT SM3(\"abc\");" qt_sql "select sm3(\"abcd\");" diff --git a/regression-test/suites/query_p0/sql_functions/encryption_digest/test_encryption_function.groovy b/regression-test/suites/query_p0/sql_functions/encryption_digest/test_encryption_function.groovy index 1f4324ec6a0c0d..9ca126ef4cf1d3 100644 --- a/regression-test/suites/query_p0/sql_functions/encryption_digest/test_encryption_function.groovy +++ b/regression-test/suites/query_p0/sql_functions/encryption_digest/test_encryption_function.groovy @@ -18,46 +18,51 @@ suite("test_encryption_function") { sql "set batch_size = 4096;" - sql "set block_encryption_mode=\"AES_256_CBC\";" + sql "set block_encryption_mode=\"AES_128_ECB\";" qt_sql "SELECT TO_BASE64(AES_ENCRYPT('text','F3229A0B371ED2D9441B830D21A390C3'));" qt_sql "SELECT TO_BASE64(AES_ENCRYPT('text','F3229A0B371ED2D9441B830D21A390C3', '0123456789'));" qt_sql "SELECT AES_DECRYPT(FROM_BASE64('wr2JEDVXzL9+2XtRhgIloA=='),'F3229A0B371ED2D9441B830D21A390C3');" qt_sql "SELECT AES_DECRYPT(FROM_BASE64('mvZT1KJw7N0RJf27aipUpg=='),'F3229A0B371ED2D9441B830D21A390C3', '0123456789');" + test { + sql "SELECT TO_BASE64(SM4_ENCRYPT('text','F3229A0B371ED2D9441B830D21A390C3'));" + exception "session variable block_encryption_mode is invalid with sm4" + } - qt_sql "SELECT MD5(\"abc\");" - - qt_sql "SELECT MD5(\"abcd\");" - qt_sql "SELECT MD5SUM(\"ab\",\"cd\");" - - sql "set block_encryption_mode=\"SM4_128_CBC\";" - qt_sql "SELECT TO_BASE64(SM4_ENCRYPT('text','F3229A0B371ED2D9441B830D21A390C3'));" - qt_sql "SELECT TO_BASE64(SM4_ENCRYPT('text','F3229A0B371ED2D9441B830D21A390C3', '0123456789'));" - qt_sql "SELECT SM4_DECRYPT(FROM_BASE64('aDjwRflBrDjhBZIOFNw3Tg=='),'F3229A0B371ED2D9441B830D21A390C3');" - qt_sql "SELECT SM4_DECRYPT(FROM_BASE64('G7yqOKfEyxdagboz6Qf01A=='),'F3229A0B371ED2D9441B830D21A390C3', '0123456789');" - - qt_sql "SELECT SM3(\"abc\");" - qt_sql "select sm3(\"abcd\");" - qt_sql "select sm3sum(\"ab\",\"cd\");" - - sql 'set enable_nereids_planner=true' - sql 'set enable_fallback_to_original_planner=false' - - sql "set block_encryption_mode=\"AES_256_CBC\";" + sql "set block_encryption_mode=\"AES_256_ECB\";" qt_sql "SELECT TO_BASE64(AES_ENCRYPT('text','F3229A0B371ED2D9441B830D21A390C3'));" qt_sql "SELECT TO_BASE64(AES_ENCRYPT('text','F3229A0B371ED2D9441B830D21A390C3', '0123456789'));" qt_sql "SELECT AES_DECRYPT(FROM_BASE64('wr2JEDVXzL9+2XtRhgIloA=='),'F3229A0B371ED2D9441B830D21A390C3');" - qt_sql "SELECT AES_DECRYPT(FROM_BASE64('mvZT1KJw7N0RJf27aipUpg=='),'F3229A0B371ED2D9441B830D21A390C3', '0123456789');" + qt_sql "SELECT AES_DECRYPT(FROM_BASE64('BO2vxHeUcw5BQQalSBbo1w=='),'F3229A0B371ED2D9441B830D21A390C3');" - qt_sql "SELECT MD5(\"abc\");" - - qt_sql "SELECT MD5(\"abcd\");" - qt_sql "SELECT MD5SUM(\"ab\",\"cd\");" + sql "set block_encryption_mode=\"AES_256_CBC\";" + test { + sql "SELECT TO_BASE64(AES_ENCRYPT('text','F3229A0B371ED2D9441B830D21A390C3'));" + exception "Incorrect parameter count in the call to native function 'aes_encrypt' or 'aes_decrypt'" + } + qt_sql "SELECT TO_BASE64(AES_ENCRYPT('text','F3229A0B371ED2D9441B830D21A390C3', '0123456789'));" + test { + sql "SELECT AES_DECRYPT(FROM_BASE64('wr2JEDVXzL9+2XtRhgIloA=='),'F3229A0B371ED2D9441B830D21A390C3');" + exception "Incorrect parameter count in the call to native function 'aes_encrypt' or 'aes_decrypt'" + } + qt_sql "SELECT AES_DECRYPT(FROM_BASE64('mvZT1KJw7N0RJf27aipUpg=='),'F3229A0B371ED2D9441B830D21A390C3', '0123456789');" + qt_sql "SELECT AES_DECRYPT(FROM_BASE64('tsmK1HzbpnEdR2//WhO+MA=='),'F3229A0B371ED2D9441B830D21A390C3', '0123456789');" sql "set block_encryption_mode=\"SM4_128_CBC\";" - qt_sql "SELECT TO_BASE64(SM4_ENCRYPT('text','F3229A0B371ED2D9441B830D21A390C3'));" + test { + sql "SELECT TO_BASE64(SM4_ENCRYPT('text','F3229A0B371ED2D9441B830D21A390C3'));" + exception "Incorrect parameter count in the call to native function 'sm4_encrypt' or 'sm4_decrypt'" + } qt_sql "SELECT TO_BASE64(SM4_ENCRYPT('text','F3229A0B371ED2D9441B830D21A390C3', '0123456789'));" - qt_sql "SELECT SM4_DECRYPT(FROM_BASE64('aDjwRflBrDjhBZIOFNw3Tg=='),'F3229A0B371ED2D9441B830D21A390C3');" + test { + sql "SELECT SM4_DECRYPT(FROM_BASE64('aDjwRflBrDjhBZIOFNw3Tg=='),'F3229A0B371ED2D9441B830D21A390C3');" + exception "Incorrect parameter count in the call to native function 'sm4_encrypt' or 'sm4_decrypt'" + } qt_sql "SELECT SM4_DECRYPT(FROM_BASE64('G7yqOKfEyxdagboz6Qf01A=='),'F3229A0B371ED2D9441B830D21A390C3', '0123456789');" + qt_sql "SELECT SM4_DECRYPT(FROM_BASE64('1Y4NGIukSbv9OrkZnRD1bQ=='),'F3229A0B371ED2D9441B830D21A390C3', '0123456789');" + test { + sql "SELECT TO_BASE64(AES_ENCRYPT('text','F3229A0B371ED2D9441B830D21A390C3'));" + exception "session variable block_encryption_mode is invalid with aes" + } qt_sql "SELECT SM3(\"abc\");" qt_sql "select sm3(\"abcd\");"