Updated on 2024-12-06 GMT+08:00

Encryption Functions

Table 1 Encryption functions

No.

MySQL

GaussDB

Difference

1

AES_DECRYPT()

Supported.

  1. GaussDB does not support ECB mode, which is an insecure encryption mode, but uses CBC mode by default.
  2. When characters are specified to be encoded in SQL_ASCII for GaussDB, the server parses byte values 0 to 127 according to the ASCII standard, and byte values 128 to 255 cannot be parsed. If the input and output of the function contain any non-ASCII characters, the database cannot help you convert or verify them.
  3. The return value type in MySQL is BINARY, VARBINARY, BLOB, MEDIUMBLOB, or LONGBLOB, while the return value type in GaussDB is fixed to LONGBLOB.
  4. The GUC parameter block_encryption_mode cannot be set to a number.

2

AES_ENCRYPT()

Supported.

3

PASSWORD()

Supported, with differences.

  • In MySQL, the GUC parameter old_passwords can be used to control how the hash generates passwords.
    • The default value of old_passwords is 0.
    • If old_passwords is set to 0, MySQL 4.1 native hashing is used for encryption.
    • If old_passwords is set to 2, SHA-256 hashing is used for encryption.
  • The GUC parameter old_passwords is not supported in GaussDB. The behavior of the password function is only consistent with the default behavior (that is, when the value of old_passwords is 0).
  • When the length of the inserted string of the BINARY type is less than the target length, the padding characters in GaussDB are different from those in MySQL. Therefore, when the input parameter is of the BINARY type, the function result in GaussDB is different from that in MySQL.