File: func_aes_block.inc

package info (click to toggle)
mysql-8.0 8.0.43-3
  • links: PTS, VCS
  • area: main
  • in suites: sid
  • size: 1,273,924 kB
  • sloc: cpp: 4,684,605; ansic: 412,450; pascal: 108,398; java: 83,641; perl: 30,221; cs: 27,067; sql: 26,594; sh: 24,181; python: 21,816; yacc: 17,169; php: 11,522; xml: 7,388; javascript: 7,076; makefile: 2,194; lex: 1,075; awk: 670; asm: 520; objc: 183; ruby: 97; lisp: 86
file content (130 lines) | stat: -rw-r--r-- 4,052 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
 
#
# Parameters:
#
# $block_mode


--echo #### $block_mode

SET @IVA=REPEAT('a', 16);
SET @IVB=REPEAT('b', 16);
SET @KEY1=REPEAT('c', 16); 
SET @KEY2=REPEAT('d', 16); 


--echo #### 128-$block_mode

eval SET SESSION block_encryption_mode="aes-128-$block_mode";

--echo # must throw an error without an IV
--error ER_WRONG_PARAMCOUNT_TO_NATIVE_FCT
SELECT AES_ENCRYPT('a', @KEY1);

--echo block mode dependent. Must be non-0 and non-null
SELECT LENGTH(AES_ENCRYPT('a', @KEY1, @IVA));

--echo block mode dependent
SELECT TO_BASE64(AES_ENCRYPT('a', @KEY1, @IVA));

--echo # must be equal
SELECT 'a' = AES_DECRYPT(AES_ENCRYPT('a', @KEY1, @IVA), @KEY1, @IVA);

--echo # must not be equal
SELECT 'a' = AES_DECRYPT(AES_ENCRYPT('a',@KEY1, @IVA), @KEY1, @IVB);
SELECT 'a' = AES_DECRYPT(AES_ENCRYPT('a',@KEY1, @IVA), @KEY2, @IVA);
SELECT 'a' = AES_DECRYPT(AES_ENCRYPT('b',@KEY1, @IVA), @KEY1, @IVA);


--echo #### 192-$block_mode

eval SET SESSION block_encryption_mode="aes-192-$block_mode";

--echo # must throw an error without an IV
--error ER_WRONG_PARAMCOUNT_TO_NATIVE_FCT
SELECT AES_ENCRYPT('a', @KEY1);

--echo # must be equal
SELECT 'a' = AES_DECRYPT(AES_ENCRYPT('a',@KEY1, @IVA), @KEY1, @IVA);

--echo # must not be equal
SELECT 'a' = AES_DECRYPT(AES_ENCRYPT('a',@KEY1, @IVA), @KEY1, @IVB);
SELECT 'a' = AES_DECRYPT(AES_ENCRYPT('a',@KEY1, @IVA), @KEY2, @IVA);
SELECT 'a' = AES_DECRYPT(AES_ENCRYPT('b',@KEY1, @IVA), @KEY1, @IVA);


--echo #### 256-$block_mode

eval SET SESSION block_encryption_mode="aes-256-$block_mode";

--echo # must throw an error without an IV
--error ER_WRONG_PARAMCOUNT_TO_NATIVE_FCT
SELECT AES_ENCRYPT('a', @KEY1);

--echo # must be equal
SELECT 'a' = AES_DECRYPT(AES_ENCRYPT('a',@KEY1, @IVA), @KEY1, @IVA);

--echo # must not be equal
SELECT 'a' = AES_DECRYPT(AES_ENCRYPT('a',@KEY1, @IVA), @KEY1, @IVB);
SELECT 'a' = AES_DECRYPT(AES_ENCRYPT('a',@KEY1, @IVA), @KEY2, @IVA);
SELECT 'a' = AES_DECRYPT(AES_ENCRYPT('b',@KEY1, @IVA), @KEY1, @IVA);

SET SESSION block_encryption_mode=DEFAULT;


--echo #### 128, 192 and 256 bit $block_mode


eval CREATE TABLE aes_$block_mode(a VARBINARY(128), b128 VARBINARY(144),
  b192 VARBINARY(144), b256 BINARY(144));
eval INSERT INTO aes_$block_mode (a) VALUES (REPEAT('a', 128));
eval INSERT INTO aes_$block_mode (a) VALUES (REPEAT(0x00313233, 32));

eval SET SESSION block_encryption_mode="aes-128-$block_mode";
eval UPDATE aes_$block_mode SET b128 = AES_ENCRYPT(a, @KEY1, @IVA);

eval SET SESSION block_encryption_mode="aes-192-$block_mode";
eval UPDATE aes_$block_mode SET b192 = AES_ENCRYPT(a, @KEY1, @IVA);

eval SET SESSION block_encryption_mode="aes-256-$block_mode";
eval UPDATE aes_$block_mode SET b256 = AES_ENCRYPT(a, @KEY1, @IVA);

--echo # must return 0
eval SELECT COUNT(*) FROM aes_$block_mode WHERE b128 = b192 OR B192 = b256 OR b128=b256;

eval SET SESSION block_encryption_mode="aes-256-$block_mode";

--echo # must return 2
eval SELECT COUNT(*) FROM aes_$block_mode WHERE a = AES_DECRYPT(b256, @KEY1, @IVA);

--echo # must return 0
eval SELECT COUNT(*) FROM aes_$block_mode WHERE a = AES_DECRYPT(b256, 'b', @IVA);

--echo # must return 0
eval SELECT COUNT(*) FROM aes_$block_mode WHERE a = AES_DECRYPT(b256, @KEY1, @IVB);

eval SET SESSION block_encryption_mode="aes-192-$block_mode";

--echo # must return 2
eval SELECT COUNT(*) FROM aes_$block_mode WHERE a = AES_DECRYPT(b192, @KEY1, @IVA);

--echo # must return 0
eval SELECT COUNT(*) FROM aes_$block_mode WHERE a = AES_DECRYPT(b192, @KEY2, @IVA);

--echo # must return 0
eval SELECT COUNT(*) FROM aes_$block_mode WHERE a = AES_DECRYPT(b256, @KEY1, @IVB);

eval SET SESSION block_encryption_mode="aes-128-$block_mode";

--echo # must return 2
eval SELECT COUNT(*) FROM aes_$block_mode WHERE a = AES_DECRYPT(b128, @KEY1, @IVA);

--echo # must return 0
eval SELECT COUNT(*) FROM aes_$block_mode WHERE a = AES_DECRYPT(b128, @KEY2, @IVA);

--echo # must return 0
eval SELECT COUNT(*) FROM aes_$block_mode WHERE a = AES_DECRYPT(b256, @KEY2, @IVB);


SET SESSION block_encryption_mode=DEFAULT;
eval DROP TABLE aes_$block_mode;