Des encryption and decryption in MySQL

Des_decrypt (Crypt_str[,key_str])

Use Des_encrypt () to encrypt a string. If an error occurs, this function returns NULL.

Note that this function will only work if MySQL is configured with SSL support. See section 5.8, 7, "Using a secure connection".

Without a given key_str parameter, Des_decrypt () first checks the first byte of the encrypted string to determine the number of DES cipher keys used to encrypt the original string, and then reads the keyword from the DES keyword file to decrypt the information. In order for it to run, the user must enjoy SUPER privileges. You can select the--des-key-file server to specify the keyword file.

If you pass a KEY_STR parameter to this function, the string is used as the key to decrypt the information.

If the CRYPT_STR parameter does not appear to be an encrypted string, MySQL returns the given CRYPT_STR.

Des_encrypt (str[, (KEY_NUM|KEY_STR)])

Encrypts the string with the keyword given by the triple-des algorithm. If an error occurs, this function returns NULL.

Note that this function will only run if MySQL is configured with SSL support. See section 5.8, 7, "Using a secure connection".

The choice of the encryption keyword used is based on the second to Des_encrypt () parameter, if given:

Parameters	Description
No parameters	Use the first keyword from a des keyword file.
Key_num	The keyword number (0-9) given by using the DES keyword file.
Key_str	Use the given keyword string for str encryption.

Select the--des-key-file server to specify a keyword file.

The return string is a binary string in which the first character is char (| key_num).

Plus 128 makes it easier to identify cryptographic keywords. If you use a string keyword, the key_num is 127.

The resulting string length is New_len = Orig_len + (8-(orig_len% 8)) +1.

Each row in the DES keyword file has the following format:

Key_num Des_key_str

Each key_num must be a number in the range from 0 to 0. The rows in the file are arranged in any order. Des_key_str is a string used to encrypt information. There should be at least one space between the number and the keyword. If you do not specify any of the keyword parameters to Des_encrypt (), the first keyword is the default usage keyword.

With the Flush Des_key_file statement, you can have MySQL read the new keyword value from the keyword file. This requires you to enjoy reload privileges.

One advantage of having a set of default keywords is that it provides the application with a way to verify the values of the encrypted columns without having to provide the end user with the power to decrypt the values.

Mysql> SELECT customer_address from customer_table

> WHERE Crypted_credit_card = Des_encrypt (' Credit_card_number ');

Des encryption and decryption in MySQL