-- -- AES cipher (aka Rijndael-128, -192, or -256) -- -- some standard Rijndael testvalues SELECT encrypt( '\x00112233445566778899aabbccddeeff', '\x000102030405060708090a0b0c0d0e0f', 'aes-ecb/pad:none'); encrypt ------------------------------------ \x69c4e0d86a7b0430d8cdb78070b4c55a (1 row) SELECT encrypt( '\x00112233445566778899aabbccddeeff', '\x000102030405060708090a0b0c0d0e0f1011121314151617', 'aes-ecb/pad:none'); encrypt ------------------------------------ \xdda97ca4864cdfe06eaf70a0ec0d7191 (1 row) SELECT encrypt( '\x00112233445566778899aabbccddeeff', '\x000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f', 'aes-ecb/pad:none'); encrypt ------------------------------------ \x8ea2b7ca516745bfeafc49904b496089 (1 row) -- cbc SELECT encrypt( '\x00112233445566778899aabbccddeeff', '\x000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f', 'aes-cbc/pad:none'); encrypt ------------------------------------ \x8ea2b7ca516745bfeafc49904b496089 (1 row) -- without padding, input not multiple of block size SELECT encrypt( '\x00112233445566778899aabbccddeeff00', '\x000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f', 'aes-cbc/pad:none'); ERROR: encrypt error: Encryption failed -- key padding SELECT encrypt( '\x0011223344', '\x000102030405', 'aes-cbc'); encrypt ------------------------------------ \x189a28932213f017b246678dbc28655f (1 row) SELECT encrypt( '\x0011223344', '\x000102030405060708090a0b0c0d0e0f10111213', 'aes-cbc'); encrypt ------------------------------------ \x3b02279162d15580e069d3a71407a556 (1 row) SELECT encrypt( '\x0011223344', '\x000102030405060708090a0b0c0d0e0f101112131415161718191a1b', 'aes-cbc'); encrypt ------------------------------------ \x4facb6a041d53e0a5a73289170901fe7 (1 row) -- empty data select encrypt('', 'foo', 'aes'); encrypt ------------------------------------ \xb48cc3338a2eb293b6007ef72c360d48 (1 row) -- 10 bytes key select encrypt('foo', '0123456789', 'aes'); encrypt ------------------------------------ \xf397f03d2819b7172b68d0706fda4693 (1 row) -- 22 bytes key select encrypt('foo', '0123456789012345678901', 'aes'); encrypt ------------------------------------ \x5c9db77af02b4678117bcd8a71ae7f53 (1 row) -- decrypt select encode(decrypt(encrypt('foo', '0123456', 'aes'), '0123456', 'aes'), 'escape'); encode -------- foo (1 row) -- data not multiple of block size select encode(decrypt(encrypt('foo', '0123456', 'aes') || '\x00'::bytea, '0123456', 'aes'), 'escape'); ERROR: decrypt error: Decryption failed -- bad padding -- (The input value is the result of encrypt_iv('abcdefghijklmnopqrstuvwxyz', '0123456', 'abcd', 'aes') -- with the 16th byte changed (s/db/eb/) to corrupt the padding of the last block.) select encode(decrypt_iv('\xa21a9c15231465964e3396d32095e67eb52bab05f556a581621dee1b85385789', '0123456', 'abcd', 'aes'), 'escape'); ERROR: decrypt_iv error: Decryption failed -- iv select encrypt_iv('foo', '0123456', 'abcd', 'aes'); encrypt_iv ------------------------------------ \x2c24cb7da91d6d5699801268b0f5adad (1 row) select encode(decrypt_iv('\x2c24cb7da91d6d5699801268b0f5adad', '0123456', 'abcd', 'aes'), 'escape'); encode -------- foo (1 row) -- long message select encrypt('Lets try a longer message.', '0123456789', 'aes'); encrypt -------------------------------------------------------------------- \xd9beb785dd5403ed02f66b755bb191b93ed93ca54930153f2c3b9ec7785056ad (1 row) select encode(decrypt(encrypt('Lets try a longer message.', '0123456789', 'aes'), '0123456789', 'aes'), 'escape'); encode ---------------------------- Lets try a longer message. (1 row) -- cfb SELECT encrypt( '\x00112233445566778899aabbccddeeff', '\x000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f', 'aes-cfb/pad:none'); encrypt ------------------------------------ \xf28122856e1cf9a7216a30d111f3997f (1 row) -- without padding, input not multiple of block size SELECT encrypt( '\x00112233445566778899aabbccddeeff00', '\x000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f', 'aes-cfb/pad:none'); encrypt -------------------------------------- \xf28122856e1cf9a7216a30d111f3997fcb (1 row) -- key padding SELECT encrypt( '\x0011223344', '\x000102030405', 'aes-cfb'); encrypt -------------- \x8145d1a0ef (1 row) SELECT encrypt( '\x0011223344', '\x000102030405060708090a0b0c0d0e0f10111213', 'aes-cfb'); encrypt -------------- \x52642c3b9c (1 row) SELECT encrypt( '\x0011223344', '\x000102030405060708090a0b0c0d0e0f101112131415161718191a1b', 'aes-cfb'); encrypt -------------- \xc93b4468a4 (1 row) -- empty data select encrypt('', 'foo', 'aes-cfb'); encrypt --------- \x (1 row) -- 10 bytes key select encrypt('foo', '0123456789', 'aes-cfb'); encrypt ---------- \x6f8ced (1 row) -- 22 bytes key select encrypt('foo', '0123456789012345678901', 'aes-cfb'); encrypt ---------- \xfb47d2 (1 row) -- decrypt select encode(decrypt(encrypt('foo', '0123456', 'aes-cfb'), '0123456', 'aes-cfb'), 'escape'); encode -------- foo (1 row) -- data not multiple of block size select encode(decrypt(encrypt('foo', '0123456', 'aes-cfb') || '\x00'::bytea, '0123456', 'aes-cfb'), 'escape'); encode --------- foo\337 (1 row) -- bad padding -- (The input value is the result of encrypt_iv('abcdefghijklmnopqrstuvwxyz', '0123456', 'abcd', 'aes-cfb') -- with the 16th byte changed (s/c5/d5/) to corrupt the padding of the last block.) select encode(decrypt_iv('\xf9ad6817cb58d31dd9ba6571fbc4f55d56f65b631f0f437cb828', '0123456', 'abcd', 'aes-cfb'), 'escape'); encode ------------------------------------------------- abcdefghijklmnoq\243:\205o\x7F\x05z\276\x07\332 (1 row) -- iv select encrypt_iv('foo', '0123456', 'abcd', 'aes-cfb'); encrypt_iv ------------ \xfea064 (1 row) select encode(decrypt_iv('\xfea064', '0123456', 'abcd', 'aes-cfb'), 'escape'); encode -------- foo (1 row) -- long message select encrypt('Lets try a longer message.', '0123456789', 'aes-cfb'); encrypt -------------------------------------------------------- \x4586f6c6351055051f723b1b0aad52c877eaf0c421d18fd73a28 (1 row) select encode(decrypt(encrypt('Lets try a longer message.', '0123456789', 'aes-cfb'), '0123456789', 'aes-cfb'), 'escape'); encode ---------------------------- Lets try a longer message. (1 row)