Function-based Encryption
Data encryption is widely used in information systems to prevent unauthorized access and data leakage. As the core of an information system, the GaussDB(DWS) data warehouse also provides data encryption functions, including transparent encryption and encryption using SQL functions.
GaussDB(DWS) provides hash functions and symmetric cryptographic algorithms to encrypt and decrypt columns. Hash functions include sha256, sha384, sha512, and SM3. Symmetric cryptographic algorithms include AES128, AES192, AES256, and SM4.
- Hash functions
- Symmetric cryptographic algorithms
- gs_encrypt(encryptstr, keystr, cryptotype, cryptomode, hashmethod)
Encrypts an encryptstr string using the keystr key based on the cryptographic algorithm specified by cryptotype and cryptomode and the HMAC algorithm specified by hashmethod, and returns the encrypted string.
- gs_decrypt(decryptstr, keystr, cryptotype, cryptomode, hashmethod)
Decrypts a decryptstr string using the keystr key based on the cryptographic algorithm specified by cryptotype and cryptomode and the HMAC algorithm specified by hashmethod, and returns the decrypted string. The keystr used for decryption must be the same as that used for encryption.
- gs_encrypt_aes128(encryptstr,keystr)
Encrypts encryptstr strings using keystr as the key and returns encrypted strings. The length of keystr ranges from 1 to 16 bytes.
- gs_decrypt_aes128(decryptstr,keystr)
Decrypts a decryptstr string using the keystr key and returns the decrypted string. The keystr used for decryption must be the same as that used for encryption. keystr cannot be empty.
- gs_encrypt(encryptstr, keystr, cryptotype, cryptomode, hashmethod)
For details, see Encrypting and Decrypting Data Columns.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.