ENHANCED_AES_DECRYPT

Syntax

ENHANCED_AES_DECRYPT(cipher_text[, iv])

Purpose

• This function is mainly used to AES decrypt data. The feature is controlled by the tde_method parameter. For more information, see tde_method.

• The required privilege is DECRYPT.

• cipher_text is the ciphertext to be AES decrypted.

• [, iv] is an optional parameter that specifies the initialization vector.

• The cipher_text parameter of the decryption function ENHANCED_AES_DECRYPT must be the result generated by the ENHANCED_AES_DECRYPT function. Otherwise, the 4334 OB_ERR_AES_DECRYPT error will be returned.

Examples

The SELECT statement uses the decryption function to return the plaintext.

-- Return the plaintext.
SELECT ENHANCED_AES_DECRYPT(cipher_col) FROM tbl;

Direct comparison between ciphertext and plaintext is not supported. You must decrypt the ciphertext or encrypt the plaintext before comparison.

-- Decrypt the cipher_col and expect to match the corresponding plaintext data '12345'. However, the index cannot be used.
SELECT ... FROM tbl WHERE ENHANCED_AES_DECRYPT(cipher_col) = '12345';

References

• ENHANCED_AES_ENCRYPT

• Privilege classification in MySQL mode