From 79cc2e4c1c747197732e6177a2cd52965d4f5534 Mon Sep 17 00:00:00 2001 From: Vitaliy Zakaznikov Date: Wed, 27 Jan 2021 08:20:44 -0500 Subject: [PATCH] Updating AES encryption SRS. Adding test for LowCardinality(FixedString(N)) data type for plaintext. --- .../requirements/requirements.md | 280 ++++--- .../requirements/requirements.py | 734 ++++++++++-------- .../testflows/aes_encryption/tests/common.py | 1 + .../testflows/aes_encryption/tests/encrypt.py | 2 +- .../aes_encryption/tests/encrypt_mysql.py | 2 +- .../snapshots/encrypt.py.encrypt.snapshot | 66 ++ .../encrypt_mysql.py.encrypt_mysql.snapshot | 66 ++ 7 files changed, 687 insertions(+), 464 deletions(-) diff --git a/tests/testflows/aes_encryption/requirements/requirements.md b/tests/testflows/aes_encryption/requirements/requirements.md index e5052357469..4621a15af9d 100644 --- a/tests/testflows/aes_encryption/requirements/requirements.md +++ b/tests/testflows/aes_encryption/requirements/requirements.md @@ -6,102 +6,113 @@ * 1 [Revision History](#revision-history) * 2 [Introduction](#introduction) * 3 [Terminology](#terminology) + * 3.1 [AES](#aes) + * 3.2 [AEAD](#aead) * 4 [Requirements](#requirements) * 4.1 [Generic](#generic) * 4.1.1 [RQ.SRS008.AES.Functions](#rqsrs008aesfunctions) - * 4.1.2 [RQ.SRS008.AES.Functions.Compatability.MySQL](#rqsrs008aesfunctionscompatabilitymysql) - * 4.1.3 [RQ.SRS008.AES.Functions.Compatability.Dictionaries](#rqsrs008aesfunctionscompatabilitydictionaries) - * 4.1.4 [RQ.SRS008.AES.Functions.Compatability.Engine.Database.MySQL](#rqsrs008aesfunctionscompatabilityenginedatabasemysql) - * 4.1.5 [RQ.SRS008.AES.Functions.Compatability.Engine.Table.MySQL](#rqsrs008aesfunctionscompatabilityenginetablemysql) - * 4.1.6 [RQ.SRS008.AES.Functions.Compatability.TableFunction.MySQL](#rqsrs008aesfunctionscompatabilitytablefunctionmysql) - * 4.1.7 [RQ.SRS008.AES.Functions.DifferentModes](#rqsrs008aesfunctionsdifferentmodes) - * 4.1.8 [RQ.SRS008.AES.Functions.DataFromMultipleSources](#rqsrs008aesfunctionsdatafrommultiplesources) - * 4.1.9 [RQ.SRS008.AES.Functions.SuppressOutputOfSensitiveValues](#rqsrs008aesfunctionssuppressoutputofsensitivevalues) - * 4.1.10 [RQ.SRS008.AES.Functions.InvalidParameters](#rqsrs008aesfunctionsinvalidparameters) - * 4.1.11 [RQ.SRS008.AES.Functions.Mismatched.Key](#rqsrs008aesfunctionsmismatchedkey) - * 4.1.12 [RQ.SRS008.AES.Functions.Mismatched.IV](#rqsrs008aesfunctionsmismatchediv) - * 4.1.13 [RQ.SRS008.AES.Functions.Mismatched.AAD](#rqsrs008aesfunctionsmismatchedaad) - * 4.1.14 [RQ.SRS008.AES.Functions.Mismatched.Mode](#rqsrs008aesfunctionsmismatchedmode) - * 4.1.15 [RQ.SRS008.AES.Functions.Check.Performance](#rqsrs008aesfunctionscheckperformance) - * 4.1.16 [RQ.SRS008.AES.Function.Check.Performance.BestCase](#rqsrs008aesfunctioncheckperformancebestcase) - * 4.1.17 [RQ.SRS008.AES.Function.Check.Performance.WorstCase](#rqsrs008aesfunctioncheckperformanceworstcase) - * 4.1.18 [RQ.SRS008.AES.Functions.Check.Compression](#rqsrs008aesfunctionscheckcompression) - * 4.1.19 [RQ.SRS008.AES.Functions.Check.Compression.LowCardinality](#rqsrs008aesfunctionscheckcompressionlowcardinality) - * 4.2 [Specific](#specific) - * 4.2.1 [RQ.SRS008.AES.Encrypt.Function](#rqsrs008aesencryptfunction) - * 4.2.2 [RQ.SRS008.AES.Encrypt.Function.Syntax](#rqsrs008aesencryptfunctionsyntax) - * 4.2.3 [RQ.SRS008.AES.Encrypt.Function.NIST.TestVectors](#rqsrs008aesencryptfunctionnisttestvectors) - * 4.2.4 [RQ.SRS008.AES.Encrypt.Function.Parameters.PlainText](#rqsrs008aesencryptfunctionparametersplaintext) - * 4.2.5 [RQ.SRS008.AES.Encrypt.Function.Parameters.Key](#rqsrs008aesencryptfunctionparameterskey) - * 4.2.6 [RQ.SRS008.AES.Encrypt.Function.Parameters.Mode](#rqsrs008aesencryptfunctionparametersmode) - * 4.2.7 [RQ.SRS008.AES.Encrypt.Function.Parameters.Mode.ValuesFormat](#rqsrs008aesencryptfunctionparametersmodevaluesformat) - * 4.2.8 [RQ.SRS008.AES.Encrypt.Function.Parameters.Mode.Value.Invalid](#rqsrs008aesencryptfunctionparametersmodevalueinvalid) - * 4.2.9 [RQ.SRS008.AES.Encrypt.Function.Parameters.Mode.Values](#rqsrs008aesencryptfunctionparametersmodevalues) - * 4.2.10 [RQ.SRS008.AES.Encrypt.Function.Parameters.InitializationVector](#rqsrs008aesencryptfunctionparametersinitializationvector) - * 4.2.11 [RQ.SRS008.AES.Encrypt.Function.Parameters.AdditionalAuthenticatedData](#rqsrs008aesencryptfunctionparametersadditionalauthenticateddata) - * 4.2.12 [RQ.SRS008.AES.Encrypt.Function.Parameters.ReturnValue](#rqsrs008aesencryptfunctionparametersreturnvalue) - * 4.2.13 [RQ.SRS008.AES.Encrypt.Function.Key.Length.InvalidLengthError](#rqsrs008aesencryptfunctionkeylengthinvalidlengtherror) - * 4.2.14 [RQ.SRS008.AES.Encrypt.Function.InitializationVector.Length.InvalidLengthError](#rqsrs008aesencryptfunctioninitializationvectorlengthinvalidlengtherror) - * 4.2.15 [RQ.SRS008.AES.Encrypt.Function.InitializationVector.NotValidForMode](#rqsrs008aesencryptfunctioninitializationvectornotvalidformode) - * 4.2.16 [RQ.SRS008.AES.Encrypt.Function.AdditionalAuthenticationData.NotValidForMode](#rqsrs008aesencryptfunctionadditionalauthenticationdatanotvalidformode) - * 4.2.17 [RQ.SRS008.AES.Encrypt.Function.AdditionalAuthenticationData.Length](#rqsrs008aesencryptfunctionadditionalauthenticationdatalength) - * 4.2.18 [RQ.SRS008.AES.Encrypt.Function.NonGCMMode.KeyAndInitializationVector.Length](#rqsrs008aesencryptfunctionnongcmmodekeyandinitializationvectorlength) - * 4.2.19 [RQ.SRS008.AES.Encrypt.Function.GCMMode.KeyAndInitializationVector.Length](#rqsrs008aesencryptfunctiongcmmodekeyandinitializationvectorlength) - * 4.2.20 [RQ.SRS008.AES.Decrypt.Function](#rqsrs008aesdecryptfunction) - * 4.2.21 [RQ.SRS008.AES.Decrypt.Function.Syntax](#rqsrs008aesdecryptfunctionsyntax) - * 4.2.22 [RQ.SRS008.AES.Decrypt.Function.Parameters.CipherText](#rqsrs008aesdecryptfunctionparametersciphertext) - * 4.2.23 [RQ.SRS008.AES.Decrypt.Function.Parameters.Key](#rqsrs008aesdecryptfunctionparameterskey) - * 4.2.24 [RQ.SRS008.AES.Decrypt.Function.Parameters.Mode](#rqsrs008aesdecryptfunctionparametersmode) - * 4.2.25 [RQ.SRS008.AES.Decrypt.Function.Parameters.Mode.ValuesFormat](#rqsrs008aesdecryptfunctionparametersmodevaluesformat) - * 4.2.26 [RQ.SRS008.AES.Decrypt.Function.Parameters.Mode.Value.Invalid](#rqsrs008aesdecryptfunctionparametersmodevalueinvalid) - * 4.2.27 [RQ.SRS008.AES.Decrypt.Function.Parameters.Mode.Values](#rqsrs008aesdecryptfunctionparametersmodevalues) - * 4.2.28 [RQ.SRS008.AES.Decrypt.Function.Parameters.InitializationVector](#rqsrs008aesdecryptfunctionparametersinitializationvector) - * 4.2.29 [RQ.SRS008.AES.Decrypt.Function.Parameters.AdditionalAuthenticatedData](#rqsrs008aesdecryptfunctionparametersadditionalauthenticateddata) - * 4.2.30 [RQ.SRS008.AES.Decrypt.Function.Parameters.ReturnValue](#rqsrs008aesdecryptfunctionparametersreturnvalue) - * 4.2.31 [RQ.SRS008.AES.Decrypt.Function.Key.Length.InvalidLengthError](#rqsrs008aesdecryptfunctionkeylengthinvalidlengtherror) - * 4.2.32 [RQ.SRS008.AES.Decrypt.Function.InitializationVector.Length.InvalidLengthError](#rqsrs008aesdecryptfunctioninitializationvectorlengthinvalidlengtherror) - * 4.2.33 [RQ.SRS008.AES.Decrypt.Function.InitializationVector.NotValidForMode](#rqsrs008aesdecryptfunctioninitializationvectornotvalidformode) - * 4.2.34 [RQ.SRS008.AES.Decrypt.Function.AdditionalAuthenticationData.NotValidForMode](#rqsrs008aesdecryptfunctionadditionalauthenticationdatanotvalidformode) - * 4.2.35 [RQ.SRS008.AES.Decrypt.Function.AdditionalAuthenticationData.Length](#rqsrs008aesdecryptfunctionadditionalauthenticationdatalength) - * 4.2.36 [RQ.SRS008.AES.Decrypt.Function.NonGCMMode.KeyAndInitializationVector.Length](#rqsrs008aesdecryptfunctionnongcmmodekeyandinitializationvectorlength) - * 4.2.37 [RQ.SRS008.AES.Decrypt.Function.GCMMode.KeyAndInitializationVector.Length](#rqsrs008aesdecryptfunctiongcmmodekeyandinitializationvectorlength) - * 4.3 [MySQL Specific Functions](#mysql-specific-functions) - * 4.3.1 [RQ.SRS008.AES.MySQL.Encrypt.Function](#rqsrs008aesmysqlencryptfunction) - * 4.3.2 [RQ.SRS008.AES.MySQL.Encrypt.Function.Syntax](#rqsrs008aesmysqlencryptfunctionsyntax) - * 4.3.3 [RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.PlainText](#rqsrs008aesmysqlencryptfunctionparametersplaintext) - * 4.3.4 [RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.Key](#rqsrs008aesmysqlencryptfunctionparameterskey) - * 4.3.5 [RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.Mode](#rqsrs008aesmysqlencryptfunctionparametersmode) - * 4.3.6 [RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.Mode.ValuesFormat](#rqsrs008aesmysqlencryptfunctionparametersmodevaluesformat) - * 4.3.7 [RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.Mode.Value.Invalid](#rqsrs008aesmysqlencryptfunctionparametersmodevalueinvalid) - * 4.3.8 [RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.Mode.Values](#rqsrs008aesmysqlencryptfunctionparametersmodevalues) - * 4.3.9 [RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.Mode.Values.GCM.Error](#rqsrs008aesmysqlencryptfunctionparametersmodevaluesgcmerror) - * 4.3.10 [RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.Mode.Values.CTR.Error](#rqsrs008aesmysqlencryptfunctionparametersmodevaluesctrerror) - * 4.3.11 [RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.InitializationVector](#rqsrs008aesmysqlencryptfunctionparametersinitializationvector) - * 4.3.12 [RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.ReturnValue](#rqsrs008aesmysqlencryptfunctionparametersreturnvalue) - * 4.3.13 [RQ.SRS008.AES.MySQL.Encrypt.Function.Key.Length.TooShortError](#rqsrs008aesmysqlencryptfunctionkeylengthtooshorterror) - * 4.3.14 [RQ.SRS008.AES.MySQL.Encrypt.Function.Key.Length.TooLong](#rqsrs008aesmysqlencryptfunctionkeylengthtoolong) - * 4.3.15 [RQ.SRS008.AES.MySQL.Encrypt.Function.InitializationVector.Length.TooShortError](#rqsrs008aesmysqlencryptfunctioninitializationvectorlengthtooshorterror) - * 4.3.16 [RQ.SRS008.AES.MySQL.Encrypt.Function.InitializationVector.Length.TooLong](#rqsrs008aesmysqlencryptfunctioninitializationvectorlengthtoolong) - * 4.3.17 [RQ.SRS008.AES.MySQL.Encrypt.Function.InitializationVector.NotValidForMode](#rqsrs008aesmysqlencryptfunctioninitializationvectornotvalidformode) - * 4.3.18 [RQ.SRS008.AES.MySQL.Encrypt.Function.Mode.KeyAndInitializationVector.Length](#rqsrs008aesmysqlencryptfunctionmodekeyandinitializationvectorlength) - * 4.3.19 [RQ.SRS008.AES.MySQL.Decrypt.Function](#rqsrs008aesmysqldecryptfunction) - * 4.3.20 [RQ.SRS008.AES.MySQL.Decrypt.Function.Syntax](#rqsrs008aesmysqldecryptfunctionsyntax) - * 4.3.21 [RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.CipherText](#rqsrs008aesmysqldecryptfunctionparametersciphertext) - * 4.3.22 [RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.Key](#rqsrs008aesmysqldecryptfunctionparameterskey) - * 4.3.23 [RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.Mode](#rqsrs008aesmysqldecryptfunctionparametersmode) - * 4.3.24 [RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.Mode.ValuesFormat](#rqsrs008aesmysqldecryptfunctionparametersmodevaluesformat) - * 4.3.25 [RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.Mode.Value.Invalid](#rqsrs008aesmysqldecryptfunctionparametersmodevalueinvalid) - * 4.3.26 [RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.Mode.Values](#rqsrs008aesmysqldecryptfunctionparametersmodevalues) - * 4.3.27 [RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.Mode.Values.GCM.Error](#rqsrs008aesmysqldecryptfunctionparametersmodevaluesgcmerror) - * 4.3.28 [RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.Mode.Values.CTR.Error](#rqsrs008aesmysqldecryptfunctionparametersmodevaluesctrerror) - * 4.3.29 [RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.InitializationVector](#rqsrs008aesmysqldecryptfunctionparametersinitializationvector) - * 4.3.30 [RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.ReturnValue](#rqsrs008aesmysqldecryptfunctionparametersreturnvalue) - * 4.3.31 [RQ.SRS008.AES.MySQL.Decrypt.Function.Key.Length.TooShortError](#rqsrs008aesmysqldecryptfunctionkeylengthtooshorterror) - * 4.3.32 [RQ.SRS008.AES.MySQL.Decrypt.Function.Key.Length.TooLong](#rqsrs008aesmysqldecryptfunctionkeylengthtoolong) - * 4.3.33 [RQ.SRS008.AES.MySQL.Decrypt.Function.InitializationVector.Length.TooShortError](#rqsrs008aesmysqldecryptfunctioninitializationvectorlengthtooshorterror) - * 4.3.34 [RQ.SRS008.AES.MySQL.Decrypt.Function.InitializationVector.Length.TooLong](#rqsrs008aesmysqldecryptfunctioninitializationvectorlengthtoolong) - * 4.3.35 [RQ.SRS008.AES.MySQL.Decrypt.Function.InitializationVector.NotValidForMode](#rqsrs008aesmysqldecryptfunctioninitializationvectornotvalidformode) - * 4.3.36 [RQ.SRS008.AES.MySQL.Decrypt.Function.Mode.KeyAndInitializationVector.Length](#rqsrs008aesmysqldecryptfunctionmodekeyandinitializationvectorlength) + * 4.2 [Compatibility](#compatibility) + * 4.2.1 [RQ.SRS008.AES.Functions.Compatibility.MySQL](#rqsrs008aesfunctionscompatibilitymysql) + * 4.2.2 [RQ.SRS008.AES.Functions.Compatibility.Dictionaries](#rqsrs008aesfunctionscompatibilitydictionaries) + * 4.2.3 [RQ.SRS008.AES.Functions.Compatibility.Engine.Database.MySQL](#rqsrs008aesfunctionscompatibilityenginedatabasemysql) + * 4.2.4 [RQ.SRS008.AES.Functions.Compatibility.Engine.Table.MySQL](#rqsrs008aesfunctionscompatibilityenginetablemysql) + * 4.2.5 [RQ.SRS008.AES.Functions.Compatibility.TableFunction.MySQL](#rqsrs008aesfunctionscompatibilitytablefunctionmysql) + * 4.3 [Different Modes](#different-modes) + * 4.3.1 [RQ.SRS008.AES.Functions.DifferentModes](#rqsrs008aesfunctionsdifferentmodes) + * 4.4 [Multiple Sources](#multiple-sources) + * 4.4.1 [RQ.SRS008.AES.Functions.DataFromMultipleSources](#rqsrs008aesfunctionsdatafrommultiplesources) + * 4.5 [Suppressing Sensitive Values](#suppressing-sensitive-values) + * 4.5.1 [RQ.SRS008.AES.Functions.SuppressOutputOfSensitiveValues](#rqsrs008aesfunctionssuppressoutputofsensitivevalues) + * 4.6 [Invalid Parameters](#invalid-parameters) + * 4.6.1 [RQ.SRS008.AES.Functions.InvalidParameters](#rqsrs008aesfunctionsinvalidparameters) + * 4.7 [Mismatched Values](#mismatched-values) + * 4.7.1 [RQ.SRS008.AES.Functions.Mismatched.Key](#rqsrs008aesfunctionsmismatchedkey) + * 4.7.2 [RQ.SRS008.AES.Functions.Mismatched.IV](#rqsrs008aesfunctionsmismatchediv) + * 4.7.3 [RQ.SRS008.AES.Functions.Mismatched.AAD](#rqsrs008aesfunctionsmismatchedaad) + * 4.7.4 [RQ.SRS008.AES.Functions.Mismatched.Mode](#rqsrs008aesfunctionsmismatchedmode) + * 4.8 [Performance](#performance) + * 4.8.1 [RQ.SRS008.AES.Functions.Check.Performance](#rqsrs008aesfunctionscheckperformance) + * 4.8.2 [RQ.SRS008.AES.Function.Check.Performance.BestCase](#rqsrs008aesfunctioncheckperformancebestcase) + * 4.8.3 [RQ.SRS008.AES.Function.Check.Performance.WorstCase](#rqsrs008aesfunctioncheckperformanceworstcase) + * 4.8.4 [RQ.SRS008.AES.Functions.Check.Compression](#rqsrs008aesfunctionscheckcompression) + * 4.8.5 [RQ.SRS008.AES.Functions.Check.Compression.LowCardinality](#rqsrs008aesfunctionscheckcompressionlowcardinality) + * 4.9 [Encrypt Function](#encrypt-function) + * 4.9.1 [RQ.SRS008.AES.Encrypt.Function](#rqsrs008aesencryptfunction) + * 4.9.2 [RQ.SRS008.AES.Encrypt.Function.Syntax](#rqsrs008aesencryptfunctionsyntax) + * 4.9.3 [RQ.SRS008.AES.Encrypt.Function.NIST.TestVectors](#rqsrs008aesencryptfunctionnisttestvectors) + * 4.9.4 [RQ.SRS008.AES.Encrypt.Function.Parameters.PlainText](#rqsrs008aesencryptfunctionparametersplaintext) + * 4.9.5 [RQ.SRS008.AES.Encrypt.Function.Parameters.Key](#rqsrs008aesencryptfunctionparameterskey) + * 4.9.6 [RQ.SRS008.AES.Encrypt.Function.Parameters.Mode](#rqsrs008aesencryptfunctionparametersmode) + * 4.9.7 [RQ.SRS008.AES.Encrypt.Function.Parameters.Mode.ValuesFormat](#rqsrs008aesencryptfunctionparametersmodevaluesformat) + * 4.9.8 [RQ.SRS008.AES.Encrypt.Function.Parameters.Mode.Value.Invalid](#rqsrs008aesencryptfunctionparametersmodevalueinvalid) + * 4.9.9 [RQ.SRS008.AES.Encrypt.Function.Parameters.Mode.Values](#rqsrs008aesencryptfunctionparametersmodevalues) + * 4.9.10 [RQ.SRS008.AES.Encrypt.Function.Parameters.InitializationVector](#rqsrs008aesencryptfunctionparametersinitializationvector) + * 4.9.11 [RQ.SRS008.AES.Encrypt.Function.Parameters.AdditionalAuthenticatedData](#rqsrs008aesencryptfunctionparametersadditionalauthenticateddata) + * 4.9.12 [RQ.SRS008.AES.Encrypt.Function.Parameters.ReturnValue](#rqsrs008aesencryptfunctionparametersreturnvalue) + * 4.9.13 [RQ.SRS008.AES.Encrypt.Function.Key.Length.InvalidLengthError](#rqsrs008aesencryptfunctionkeylengthinvalidlengtherror) + * 4.9.14 [RQ.SRS008.AES.Encrypt.Function.InitializationVector.Length.InvalidLengthError](#rqsrs008aesencryptfunctioninitializationvectorlengthinvalidlengtherror) + * 4.9.15 [RQ.SRS008.AES.Encrypt.Function.InitializationVector.NotValidForMode](#rqsrs008aesencryptfunctioninitializationvectornotvalidformode) + * 4.9.16 [RQ.SRS008.AES.Encrypt.Function.AdditionalAuthenticationData.NotValidForMode](#rqsrs008aesencryptfunctionadditionalauthenticationdatanotvalidformode) + * 4.9.17 [RQ.SRS008.AES.Encrypt.Function.AdditionalAuthenticationData.Length](#rqsrs008aesencryptfunctionadditionalauthenticationdatalength) + * 4.9.18 [RQ.SRS008.AES.Encrypt.Function.NonGCMMode.KeyAndInitializationVector.Length](#rqsrs008aesencryptfunctionnongcmmodekeyandinitializationvectorlength) + * 4.9.19 [RQ.SRS008.AES.Encrypt.Function.GCMMode.KeyAndInitializationVector.Length](#rqsrs008aesencryptfunctiongcmmodekeyandinitializationvectorlength) + * 4.10 [Decrypt Function](#decrypt-function) + * 4.10.1 [RQ.SRS008.AES.Decrypt.Function](#rqsrs008aesdecryptfunction) + * 4.10.2 [RQ.SRS008.AES.Decrypt.Function.Syntax](#rqsrs008aesdecryptfunctionsyntax) + * 4.10.3 [RQ.SRS008.AES.Decrypt.Function.Parameters.CipherText](#rqsrs008aesdecryptfunctionparametersciphertext) + * 4.10.4 [RQ.SRS008.AES.Decrypt.Function.Parameters.Key](#rqsrs008aesdecryptfunctionparameterskey) + * 4.10.5 [RQ.SRS008.AES.Decrypt.Function.Parameters.Mode](#rqsrs008aesdecryptfunctionparametersmode) + * 4.10.6 [RQ.SRS008.AES.Decrypt.Function.Parameters.Mode.ValuesFormat](#rqsrs008aesdecryptfunctionparametersmodevaluesformat) + * 4.10.7 [RQ.SRS008.AES.Decrypt.Function.Parameters.Mode.Value.Invalid](#rqsrs008aesdecryptfunctionparametersmodevalueinvalid) + * 4.10.8 [RQ.SRS008.AES.Decrypt.Function.Parameters.Mode.Values](#rqsrs008aesdecryptfunctionparametersmodevalues) + * 4.10.9 [RQ.SRS008.AES.Decrypt.Function.Parameters.InitializationVector](#rqsrs008aesdecryptfunctionparametersinitializationvector) + * 4.10.10 [RQ.SRS008.AES.Decrypt.Function.Parameters.AdditionalAuthenticatedData](#rqsrs008aesdecryptfunctionparametersadditionalauthenticateddata) + * 4.10.11 [RQ.SRS008.AES.Decrypt.Function.Parameters.ReturnValue](#rqsrs008aesdecryptfunctionparametersreturnvalue) + * 4.10.12 [RQ.SRS008.AES.Decrypt.Function.Key.Length.InvalidLengthError](#rqsrs008aesdecryptfunctionkeylengthinvalidlengtherror) + * 4.10.13 [RQ.SRS008.AES.Decrypt.Function.InitializationVector.Length.InvalidLengthError](#rqsrs008aesdecryptfunctioninitializationvectorlengthinvalidlengtherror) + * 4.10.14 [RQ.SRS008.AES.Decrypt.Function.InitializationVector.NotValidForMode](#rqsrs008aesdecryptfunctioninitializationvectornotvalidformode) + * 4.10.15 [RQ.SRS008.AES.Decrypt.Function.AdditionalAuthenticationData.NotValidForMode](#rqsrs008aesdecryptfunctionadditionalauthenticationdatanotvalidformode) + * 4.10.16 [RQ.SRS008.AES.Decrypt.Function.AdditionalAuthenticationData.Length](#rqsrs008aesdecryptfunctionadditionalauthenticationdatalength) + * 4.10.17 [RQ.SRS008.AES.Decrypt.Function.NonGCMMode.KeyAndInitializationVector.Length](#rqsrs008aesdecryptfunctionnongcmmodekeyandinitializationvectorlength) + * 4.10.18 [RQ.SRS008.AES.Decrypt.Function.GCMMode.KeyAndInitializationVector.Length](#rqsrs008aesdecryptfunctiongcmmodekeyandinitializationvectorlength) + * 4.11 [MySQL Encrypt Function](#mysql-encrypt-function) + * 4.11.1 [RQ.SRS008.AES.MySQL.Encrypt.Function](#rqsrs008aesmysqlencryptfunction) + * 4.11.2 [RQ.SRS008.AES.MySQL.Encrypt.Function.Syntax](#rqsrs008aesmysqlencryptfunctionsyntax) + * 4.11.3 [RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.PlainText](#rqsrs008aesmysqlencryptfunctionparametersplaintext) + * 4.11.4 [RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.Key](#rqsrs008aesmysqlencryptfunctionparameterskey) + * 4.11.5 [RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.Mode](#rqsrs008aesmysqlencryptfunctionparametersmode) + * 4.11.6 [RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.Mode.ValuesFormat](#rqsrs008aesmysqlencryptfunctionparametersmodevaluesformat) + * 4.11.7 [RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.Mode.Value.Invalid](#rqsrs008aesmysqlencryptfunctionparametersmodevalueinvalid) + * 4.11.8 [RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.Mode.Values](#rqsrs008aesmysqlencryptfunctionparametersmodevalues) + * 4.11.9 [RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.Mode.Values.GCM.Error](#rqsrs008aesmysqlencryptfunctionparametersmodevaluesgcmerror) + * 4.11.10 [RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.Mode.Values.CTR.Error](#rqsrs008aesmysqlencryptfunctionparametersmodevaluesctrerror) + * 4.11.11 [RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.InitializationVector](#rqsrs008aesmysqlencryptfunctionparametersinitializationvector) + * 4.11.12 [RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.ReturnValue](#rqsrs008aesmysqlencryptfunctionparametersreturnvalue) + * 4.11.13 [RQ.SRS008.AES.MySQL.Encrypt.Function.Key.Length.TooShortError](#rqsrs008aesmysqlencryptfunctionkeylengthtooshorterror) + * 4.11.14 [RQ.SRS008.AES.MySQL.Encrypt.Function.Key.Length.TooLong](#rqsrs008aesmysqlencryptfunctionkeylengthtoolong) + * 4.11.15 [RQ.SRS008.AES.MySQL.Encrypt.Function.InitializationVector.Length.TooShortError](#rqsrs008aesmysqlencryptfunctioninitializationvectorlengthtooshorterror) + * 4.11.16 [RQ.SRS008.AES.MySQL.Encrypt.Function.InitializationVector.Length.TooLong](#rqsrs008aesmysqlencryptfunctioninitializationvectorlengthtoolong) + * 4.11.17 [RQ.SRS008.AES.MySQL.Encrypt.Function.InitializationVector.NotValidForMode](#rqsrs008aesmysqlencryptfunctioninitializationvectornotvalidformode) + * 4.11.18 [RQ.SRS008.AES.MySQL.Encrypt.Function.Mode.KeyAndInitializationVector.Length](#rqsrs008aesmysqlencryptfunctionmodekeyandinitializationvectorlength) + * 4.12 [MySQL Decrypt Function](#mysql-decrypt-function) + * 4.12.1 [RQ.SRS008.AES.MySQL.Decrypt.Function](#rqsrs008aesmysqldecryptfunction) + * 4.12.2 [RQ.SRS008.AES.MySQL.Decrypt.Function.Syntax](#rqsrs008aesmysqldecryptfunctionsyntax) + * 4.12.3 [RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.CipherText](#rqsrs008aesmysqldecryptfunctionparametersciphertext) + * 4.12.4 [RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.Key](#rqsrs008aesmysqldecryptfunctionparameterskey) + * 4.12.5 [RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.Mode](#rqsrs008aesmysqldecryptfunctionparametersmode) + * 4.12.6 [RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.Mode.ValuesFormat](#rqsrs008aesmysqldecryptfunctionparametersmodevaluesformat) + * 4.12.7 [RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.Mode.Value.Invalid](#rqsrs008aesmysqldecryptfunctionparametersmodevalueinvalid) + * 4.12.8 [RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.Mode.Values](#rqsrs008aesmysqldecryptfunctionparametersmodevalues) + * 4.12.9 [RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.Mode.Values.GCM.Error](#rqsrs008aesmysqldecryptfunctionparametersmodevaluesgcmerror) + * 4.12.10 [RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.Mode.Values.CTR.Error](#rqsrs008aesmysqldecryptfunctionparametersmodevaluesctrerror) + * 4.12.11 [RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.InitializationVector](#rqsrs008aesmysqldecryptfunctionparametersinitializationvector) + * 4.12.12 [RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.ReturnValue](#rqsrs008aesmysqldecryptfunctionparametersreturnvalue) + * 4.12.13 [RQ.SRS008.AES.MySQL.Decrypt.Function.Key.Length.TooShortError](#rqsrs008aesmysqldecryptfunctionkeylengthtooshorterror) + * 4.12.14 [RQ.SRS008.AES.MySQL.Decrypt.Function.Key.Length.TooLong](#rqsrs008aesmysqldecryptfunctionkeylengthtoolong) + * 4.12.15 [RQ.SRS008.AES.MySQL.Decrypt.Function.InitializationVector.Length.TooShortError](#rqsrs008aesmysqldecryptfunctioninitializationvectorlengthtooshorterror) + * 4.12.16 [RQ.SRS008.AES.MySQL.Decrypt.Function.InitializationVector.Length.TooLong](#rqsrs008aesmysqldecryptfunctioninitializationvectorlengthtoolong) + * 4.12.17 [RQ.SRS008.AES.MySQL.Decrypt.Function.InitializationVector.NotValidForMode](#rqsrs008aesmysqldecryptfunctioninitializationvectornotvalidformode) + * 4.12.18 [RQ.SRS008.AES.MySQL.Decrypt.Function.Mode.KeyAndInitializationVector.Length](#rqsrs008aesmysqldecryptfunctionmodekeyandinitializationvectorlength) * 5 [References](#references) ## Revision History @@ -122,9 +133,14 @@ accessed on remote [MySQL] servers via [MySQL Dictionary] or [MySQL Database Eng ## Terminology -* **AES** - +### AES + Advanced Encryption Standard ([AES]) +### AEAD + + Authenticated Encryption with Associated Data + ## Requirements ### Generic @@ -134,38 +150,44 @@ version: 1.0 [ClickHouse] SHALL support [AES] encryption functions to encrypt and decrypt data. -#### RQ.SRS008.AES.Functions.Compatability.MySQL +### Compatibility + +#### RQ.SRS008.AES.Functions.Compatibility.MySQL version: 1.0 [ClickHouse] SHALL support [AES] encryption functions compatible with [MySQL 5.7]. -#### RQ.SRS008.AES.Functions.Compatability.Dictionaries +#### RQ.SRS008.AES.Functions.Compatibility.Dictionaries version: 1.0 [ClickHouse] SHALL support encryption and decryption of data accessed on remote [MySQL] servers using [MySQL Dictionary]. -#### RQ.SRS008.AES.Functions.Compatability.Engine.Database.MySQL +#### RQ.SRS008.AES.Functions.Compatibility.Engine.Database.MySQL version: 1.0 [ClickHouse] SHALL support encryption and decryption of data accessed using [MySQL Database Engine], -#### RQ.SRS008.AES.Functions.Compatability.Engine.Table.MySQL +#### RQ.SRS008.AES.Functions.Compatibility.Engine.Table.MySQL version: 1.0 [ClickHouse] SHALL support encryption and decryption of data accessed using [MySQL Table Engine]. -#### RQ.SRS008.AES.Functions.Compatability.TableFunction.MySQL +#### RQ.SRS008.AES.Functions.Compatibility.TableFunction.MySQL version: 1.0 [ClickHouse] SHALL support encryption and decryption of data accessed using [MySQL Table Function]. +### Different Modes + #### RQ.SRS008.AES.Functions.DifferentModes version: 1.0 [ClickHouse] SHALL allow different modes to be supported in a single SQL statement using explicit function parameters. +### Multiple Sources + #### RQ.SRS008.AES.Functions.DataFromMultipleSources version: 1.0 @@ -174,17 +196,23 @@ in the `SELECT` statement, including [ClickHouse] [MergeTree] table as well as [ [MySQL Database Engine], [MySQL Table Engine], and [MySQL Table Function] with possibly different encryption schemes. +### Suppressing Sensitive Values + #### RQ.SRS008.AES.Functions.SuppressOutputOfSensitiveValues version: 1.0 [ClickHouse] SHALL suppress output of [AES] `string` and `key` parameters to the system log, error log, and `query_log` table to prevent leakage of sensitive values. +### Invalid Parameters + #### RQ.SRS008.AES.Functions.InvalidParameters version: 1.0 [ClickHouse] SHALL return an error when parameters are invalid. +### Mismatched Values + #### RQ.SRS008.AES.Functions.Mismatched.Key version: 1.0 @@ -205,6 +233,8 @@ version: 1.0 [ClickHouse] SHALL return an error or garbage for mismatched mode. +### Performance + #### RQ.SRS008.AES.Functions.Check.Performance version: 1.0 @@ -233,7 +263,7 @@ version: 1.0 Effect of [AES] encryption on the compression of a column with [LowCardinality] data type SHALL be measured. -### Specific +### Encrypt Function #### RQ.SRS008.AES.Encrypt.Function version: 1.0 @@ -255,21 +285,23 @@ version: 1.0 [ClickHouse] `encrypt` function output SHALL produce output that matches [NIST test vectors]. #### RQ.SRS008.AES.Encrypt.Function.Parameters.PlainText -version: 1.0 +version: 2.0 + +[ClickHouse] SHALL support `plaintext` with `String`, `FixedString`, `Nullable(String)`, +`Nullable(FixedString)`, `LowCardinality(String)`, or `LowCardinality(FixedString(N))` data types as +the second parameter to the `encrypt` function that SHALL specify the data to be encrypted. -[ClickHouse] SHALL support `plaintext` accepting any data type as -the first parameter to the `encrypt` function that SHALL specify the data to be encrypted. #### RQ.SRS008.AES.Encrypt.Function.Parameters.Key version: 1.0 [ClickHouse] SHALL support `key` with `String` or `FixedString` data types -as the second parameter to the `encrypt` function that SHALL specify the encryption key. +as the parameter to the `encrypt` function that SHALL specify the encryption key. #### RQ.SRS008.AES.Encrypt.Function.Parameters.Mode version: 1.0 -[ClickHouse] SHALL support `mode` with `String` or `FixedString` data types as the third parameter +[ClickHouse] SHALL support `mode` with `String` or `FixedString` data types as the first parameter to the `encrypt` function that SHALL specify encryption key length and block encryption mode. #### RQ.SRS008.AES.Encrypt.Function.Parameters.Mode.ValuesFormat @@ -308,13 +340,13 @@ of the `encrypt` function: * `aes-192-ofb` that SHALL use [OFB] block mode encryption with 192 bit key * `aes-256-ofb` that SHALL use [OFB] block mode encryption with 256 bit key * `aes-128-gcm` that SHALL use [GCM] block mode encryption with 128 bit key - and `AEAD` 16-byte tag is appended to the resulting ciphertext according to + and [AEAD] 16-byte tag is appended to the resulting ciphertext according to the [RFC5116] * `aes-192-gcm` that SHALL use [GCM] block mode encryption with 192 bit key - and `AEAD` 16-byte tag is appended to the resulting ciphertext according to + and [AEAD] 16-byte tag is appended to the resulting ciphertext according to the [RFC5116] * `aes-256-gcm` that SHALL use [GCM] block mode encryption with 256 bit key - and `AEAD` 16-byte tag is appended to the resulting ciphertext according to + and [AEAD] 16-byte tag is appended to the resulting ciphertext according to the [RFC5116] * `aes-128-ctr` that SHALL use [CTR] block mode encryption with 128 bit key * `aes-192-ctr` that SHALL use [CTR] block mode encryption with 192 bit key @@ -403,6 +435,8 @@ when using GCM modes * `aes-192-gcm` mode and `key` is not 24 bytes or `iv` is not specified * `aes-256-gcm` mode and `key` is not 32 bytes or `iv` is not specified +### Decrypt Function + #### RQ.SRS008.AES.Decrypt.Function version: 1.0 @@ -421,18 +455,18 @@ decrypt(mode, ciphertext, key, [iv, aad]) version: 1.0 [ClickHouse] SHALL support `ciphertext` accepting `FixedString` or `String` data types as -the first parameter to the `decrypt` function that SHALL specify the data to be decrypted. +the second parameter to the `decrypt` function that SHALL specify the data to be decrypted. #### RQ.SRS008.AES.Decrypt.Function.Parameters.Key version: 1.0 [ClickHouse] SHALL support `key` with `String` or `FixedString` data types -as the second parameter to the `decrypt` function that SHALL specify the encryption key. +as the third parameter to the `decrypt` function that SHALL specify the encryption key. #### RQ.SRS008.AES.Decrypt.Function.Parameters.Mode version: 1.0 -[ClickHouse] SHALL support `mode` with `String` or `FixedString` data types as the third parameter +[ClickHouse] SHALL support `mode` with `String` or `FixedString` data types as the first parameter to the `decrypt` function that SHALL specify encryption key length and block encryption mode. #### RQ.SRS008.AES.Decrypt.Function.Parameters.Mode.ValuesFormat @@ -511,7 +545,7 @@ version: 1.0 #### RQ.SRS008.AES.Decrypt.Function.InitializationVector.Length.InvalidLengthError version: 1.0 -[ClickHouse] SHALL return an error if the `iv` is speficified and the length is not exact for the `decrypt` function for a given block mode. +[ClickHouse] SHALL return an error if the `iv` is specified and the length is not exact for the `decrypt` function for a given block mode. #### RQ.SRS008.AES.Decrypt.Function.InitializationVector.NotValidForMode version: 1.0 @@ -568,7 +602,7 @@ when using GCM modes * `aes-192-gcm` mode and `key` is not 24 bytes or `iv` is not specified * `aes-256-gcm` mode and `key` is not 32 bytes or `iv` is not specified -### MySQL Specific Functions +### MySQL Encrypt Function #### RQ.SRS008.AES.MySQL.Encrypt.Function version: 1.0 @@ -585,21 +619,22 @@ aes_encrypt_mysql(mode, plaintext, key, [iv]) ``` #### RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.PlainText -version: 1.0 +version: 2.0 -[ClickHouse] SHALL support `plaintext` accepting any data type as -the first parameter to the `aes_encrypt_mysql` function that SHALL specify the data to be encrypted. +[ClickHouse] SHALL support `plaintext` with `String`, `FixedString`, `Nullable(String)`, +`Nullable(FixedString)`, `LowCardinality(String)`, or `LowCardinality(FixedString(N))` data types as +the second parameter to the `aes_encrypt_mysql` function that SHALL specify the data to be encrypted. #### RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.Key version: 1.0 [ClickHouse] SHALL support `key` with `String` or `FixedString` data types -as the second parameter to the `aes_encrypt_mysql` function that SHALL specify the encryption key. +as the third parameter to the `aes_encrypt_mysql` function that SHALL specify the encryption key. #### RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.Mode version: 1.0 -[ClickHouse] SHALL support `mode` with `String` or `FixedString` data types as the third parameter +[ClickHouse] SHALL support `mode` with `String` or `FixedString` data types as the first parameter to the `aes_encrypt_mysql` function that SHALL specify encryption key length and block encryption mode. #### RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.Mode.ValuesFormat @@ -734,6 +769,8 @@ version: 1.0 * `aes-192-ofb` mode and `key` is less than 24 bytes or if specified `iv` is less than 16 bytes * `aes-256-ofb` mode and `key` is less than 32 bytes or if specified `iv` is less than 16 bytes +### MySQL Decrypt Function + #### RQ.SRS008.AES.MySQL.Decrypt.Function version: 1.0 @@ -752,18 +789,18 @@ aes_decrypt_mysql(mode, ciphertext, key, [iv]) version: 1.0 [ClickHouse] SHALL support `ciphertext` accepting any data type as -the first parameter to the `aes_decrypt_mysql` function that SHALL specify the data to be decrypted. +the second parameter to the `aes_decrypt_mysql` function that SHALL specify the data to be decrypted. #### RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.Key version: 1.0 [ClickHouse] SHALL support `key` with `String` or `FixedString` data types -as the second parameter to the `aes_decrypt_mysql` function that SHALL specify the encryption key. +as the third parameter to the `aes_decrypt_mysql` function that SHALL specify the encryption key. #### RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.Mode version: 1.0 -[ClickHouse] SHALL support `mode` with `String` or `FixedString` data types as the third parameter +[ClickHouse] SHALL support `mode` with `String` or `FixedString` data types as the first parameter to the `aes_decrypt_mysql` function that SHALL specify encryption key length and block encryption mode. #### RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.Mode.ValuesFormat @@ -906,6 +943,7 @@ version: 1.0 * **ClickHouse:** https://clickhouse.tech * **Git:** https://git-scm.com/ +[AEAD]: #aead [OpenSSL]: https://www.openssl.org/ [LowCardinality]: https://clickhouse.tech/docs/en/sql-reference/data-types/lowcardinality/ [MergeTree]: https://clickhouse.tech/docs/en/engines/table-engines/mergetree-family/mergetree/ diff --git a/tests/testflows/aes_encryption/requirements/requirements.py b/tests/testflows/aes_encryption/requirements/requirements.py index 47e8d46f446..cf8613ceff6 100644 --- a/tests/testflows/aes_encryption/requirements/requirements.py +++ b/tests/testflows/aes_encryption/requirements/requirements.py @@ -1,6 +1,6 @@ # These requirements were auto generated # from software requirements specification (SRS) -# document by TestFlows v1.6.201216.1172002. +# document by TestFlows v1.6.210101.1235930. # Do not edit by hand but re-generate instead # using 'tfs requirements generate' command. from testflows.core import Specification @@ -23,8 +23,8 @@ RQ_SRS008_AES_Functions = Requirement( level=3, num='4.1.1') -RQ_SRS008_AES_Functions_Compatability_MySQL = Requirement( - name='RQ.SRS008.AES.Functions.Compatability.MySQL', +RQ_SRS008_AES_Functions_Compatibility_MySQL = Requirement( + name='RQ.SRS008.AES.Functions.Compatibility.MySQL', version='1.0', priority=None, group=None, @@ -36,10 +36,10 @@ RQ_SRS008_AES_Functions_Compatability_MySQL = Requirement( ), link=None, level=3, - num='4.1.2') + num='4.2.1') -RQ_SRS008_AES_Functions_Compatability_Dictionaries = Requirement( - name='RQ.SRS008.AES.Functions.Compatability.Dictionaries', +RQ_SRS008_AES_Functions_Compatibility_Dictionaries = Requirement( + name='RQ.SRS008.AES.Functions.Compatibility.Dictionaries', version='1.0', priority=None, group=None, @@ -52,10 +52,10 @@ RQ_SRS008_AES_Functions_Compatability_Dictionaries = Requirement( ), link=None, level=3, - num='4.1.3') + num='4.2.2') -RQ_SRS008_AES_Functions_Compatability_Engine_Database_MySQL = Requirement( - name='RQ.SRS008.AES.Functions.Compatability.Engine.Database.MySQL', +RQ_SRS008_AES_Functions_Compatibility_Engine_Database_MySQL = Requirement( + name='RQ.SRS008.AES.Functions.Compatibility.Engine.Database.MySQL', version='1.0', priority=None, group=None, @@ -67,10 +67,10 @@ RQ_SRS008_AES_Functions_Compatability_Engine_Database_MySQL = Requirement( ), link=None, level=3, - num='4.1.4') + num='4.2.3') -RQ_SRS008_AES_Functions_Compatability_Engine_Table_MySQL = Requirement( - name='RQ.SRS008.AES.Functions.Compatability.Engine.Table.MySQL', +RQ_SRS008_AES_Functions_Compatibility_Engine_Table_MySQL = Requirement( + name='RQ.SRS008.AES.Functions.Compatibility.Engine.Table.MySQL', version='1.0', priority=None, group=None, @@ -82,10 +82,10 @@ RQ_SRS008_AES_Functions_Compatability_Engine_Table_MySQL = Requirement( ), link=None, level=3, - num='4.1.5') + num='4.2.4') -RQ_SRS008_AES_Functions_Compatability_TableFunction_MySQL = Requirement( - name='RQ.SRS008.AES.Functions.Compatability.TableFunction.MySQL', +RQ_SRS008_AES_Functions_Compatibility_TableFunction_MySQL = Requirement( + name='RQ.SRS008.AES.Functions.Compatibility.TableFunction.MySQL', version='1.0', priority=None, group=None, @@ -97,7 +97,7 @@ RQ_SRS008_AES_Functions_Compatability_TableFunction_MySQL = Requirement( ), link=None, level=3, - num='4.1.6') + num='4.2.5') RQ_SRS008_AES_Functions_DifferentModes = Requirement( name='RQ.SRS008.AES.Functions.DifferentModes', @@ -113,7 +113,7 @@ RQ_SRS008_AES_Functions_DifferentModes = Requirement( ), link=None, level=3, - num='4.1.7') + num='4.3.1') RQ_SRS008_AES_Functions_DataFromMultipleSources = Requirement( name='RQ.SRS008.AES.Functions.DataFromMultipleSources', @@ -131,7 +131,7 @@ RQ_SRS008_AES_Functions_DataFromMultipleSources = Requirement( ), link=None, level=3, - num='4.1.8') + num='4.4.1') RQ_SRS008_AES_Functions_SuppressOutputOfSensitiveValues = Requirement( name='RQ.SRS008.AES.Functions.SuppressOutputOfSensitiveValues', @@ -147,7 +147,7 @@ RQ_SRS008_AES_Functions_SuppressOutputOfSensitiveValues = Requirement( ), link=None, level=3, - num='4.1.9') + num='4.5.1') RQ_SRS008_AES_Functions_InvalidParameters = Requirement( name='RQ.SRS008.AES.Functions.InvalidParameters', @@ -162,7 +162,7 @@ RQ_SRS008_AES_Functions_InvalidParameters = Requirement( ), link=None, level=3, - num='4.1.10') + num='4.6.1') RQ_SRS008_AES_Functions_Mismatched_Key = Requirement( name='RQ.SRS008.AES.Functions.Mismatched.Key', @@ -177,7 +177,7 @@ RQ_SRS008_AES_Functions_Mismatched_Key = Requirement( ), link=None, level=3, - num='4.1.11') + num='4.7.1') RQ_SRS008_AES_Functions_Mismatched_IV = Requirement( name='RQ.SRS008.AES.Functions.Mismatched.IV', @@ -192,7 +192,7 @@ RQ_SRS008_AES_Functions_Mismatched_IV = Requirement( ), link=None, level=3, - num='4.1.12') + num='4.7.2') RQ_SRS008_AES_Functions_Mismatched_AAD = Requirement( name='RQ.SRS008.AES.Functions.Mismatched.AAD', @@ -207,7 +207,7 @@ RQ_SRS008_AES_Functions_Mismatched_AAD = Requirement( ), link=None, level=3, - num='4.1.13') + num='4.7.3') RQ_SRS008_AES_Functions_Mismatched_Mode = Requirement( name='RQ.SRS008.AES.Functions.Mismatched.Mode', @@ -222,7 +222,7 @@ RQ_SRS008_AES_Functions_Mismatched_Mode = Requirement( ), link=None, level=3, - num='4.1.14') + num='4.7.4') RQ_SRS008_AES_Functions_Check_Performance = Requirement( name='RQ.SRS008.AES.Functions.Check.Performance', @@ -237,7 +237,7 @@ RQ_SRS008_AES_Functions_Check_Performance = Requirement( ), link=None, level=3, - num='4.1.15') + num='4.8.1') RQ_SRS008_AES_Function_Check_Performance_BestCase = Requirement( name='RQ.SRS008.AES.Function.Check.Performance.BestCase', @@ -253,7 +253,7 @@ RQ_SRS008_AES_Function_Check_Performance_BestCase = Requirement( ), link=None, level=3, - num='4.1.16') + num='4.8.2') RQ_SRS008_AES_Function_Check_Performance_WorstCase = Requirement( name='RQ.SRS008.AES.Function.Check.Performance.WorstCase', @@ -269,7 +269,7 @@ RQ_SRS008_AES_Function_Check_Performance_WorstCase = Requirement( ), link=None, level=3, - num='4.1.17') + num='4.8.3') RQ_SRS008_AES_Functions_Check_Compression = Requirement( name='RQ.SRS008.AES.Functions.Check.Compression', @@ -284,7 +284,7 @@ RQ_SRS008_AES_Functions_Check_Compression = Requirement( ), link=None, level=3, - num='4.1.18') + num='4.8.4') RQ_SRS008_AES_Functions_Check_Compression_LowCardinality = Requirement( name='RQ.SRS008.AES.Functions.Check.Compression.LowCardinality', @@ -300,7 +300,7 @@ RQ_SRS008_AES_Functions_Check_Compression_LowCardinality = Requirement( ), link=None, level=3, - num='4.1.19') + num='4.8.5') RQ_SRS008_AES_Encrypt_Function = Requirement( name='RQ.SRS008.AES.Encrypt.Function', @@ -315,7 +315,7 @@ RQ_SRS008_AES_Encrypt_Function = Requirement( ), link=None, level=3, - num='4.2.1') + num='4.9.1') RQ_SRS008_AES_Encrypt_Function_Syntax = Requirement( name='RQ.SRS008.AES.Encrypt.Function.Syntax', @@ -334,7 +334,7 @@ RQ_SRS008_AES_Encrypt_Function_Syntax = Requirement( ), link=None, level=3, - num='4.2.2') + num='4.9.2') RQ_SRS008_AES_Encrypt_Function_NIST_TestVectors = Requirement( name='RQ.SRS008.AES.Encrypt.Function.NIST.TestVectors', @@ -349,23 +349,25 @@ RQ_SRS008_AES_Encrypt_Function_NIST_TestVectors = Requirement( ), link=None, level=3, - num='4.2.3') + num='4.9.3') RQ_SRS008_AES_Encrypt_Function_Parameters_PlainText = Requirement( name='RQ.SRS008.AES.Encrypt.Function.Parameters.PlainText', - version='1.0', + version='2.0', priority=None, group=None, type=None, uid=None, description=( - '[ClickHouse] SHALL support `plaintext` accepting any data type as\n' - 'the first parameter to the `encrypt` function that SHALL specify the data to be encrypted.\n' + '[ClickHouse] SHALL support `plaintext` with `String`, `FixedString`, `Nullable(String)`,\n' + '`Nullable(FixedString)`, `LowCardinality(String)`, or `LowCardinality(FixedString(N))` data types as\n' + 'the second parameter to the `encrypt` function that SHALL specify the data to be encrypted.\n' + '\n' '\n' ), link=None, level=3, - num='4.2.4') + num='4.9.4') RQ_SRS008_AES_Encrypt_Function_Parameters_Key = Requirement( name='RQ.SRS008.AES.Encrypt.Function.Parameters.Key', @@ -376,12 +378,12 @@ RQ_SRS008_AES_Encrypt_Function_Parameters_Key = Requirement( uid=None, description=( '[ClickHouse] SHALL support `key` with `String` or `FixedString` data types\n' - 'as the second parameter to the `encrypt` function that SHALL specify the encryption key.\n' + 'as the parameter to the `encrypt` function that SHALL specify the encryption key.\n' '\n' ), link=None, level=3, - num='4.2.5') + num='4.9.5') RQ_SRS008_AES_Encrypt_Function_Parameters_Mode = Requirement( name='RQ.SRS008.AES.Encrypt.Function.Parameters.Mode', @@ -391,13 +393,13 @@ RQ_SRS008_AES_Encrypt_Function_Parameters_Mode = Requirement( type=None, uid=None, description=( - '[ClickHouse] SHALL support `mode` with `String` or `FixedString` data types as the third parameter\n' + '[ClickHouse] SHALL support `mode` with `String` or `FixedString` data types as the first parameter\n' 'to the `encrypt` function that SHALL specify encryption key length and block encryption mode.\n' '\n' ), link=None, level=3, - num='4.2.6') + num='4.9.6') RQ_SRS008_AES_Encrypt_Function_Parameters_Mode_ValuesFormat = Requirement( name='RQ.SRS008.AES.Encrypt.Function.Parameters.Mode.ValuesFormat', @@ -417,7 +419,7 @@ RQ_SRS008_AES_Encrypt_Function_Parameters_Mode_ValuesFormat = Requirement( ), link=None, level=3, - num='4.2.7') + num='4.9.7') RQ_SRS008_AES_Encrypt_Function_Parameters_Mode_Value_Invalid = Requirement( name='RQ.SRS008.AES.Encrypt.Function.Parameters.Mode.Value.Invalid', @@ -434,7 +436,7 @@ RQ_SRS008_AES_Encrypt_Function_Parameters_Mode_Value_Invalid = Requirement( ), link=None, level=3, - num='4.2.8') + num='4.9.8') RQ_SRS008_AES_Encrypt_Function_Parameters_Mode_Values = Requirement( name='RQ.SRS008.AES.Encrypt.Function.Parameters.Mode.Values', @@ -460,13 +462,13 @@ RQ_SRS008_AES_Encrypt_Function_Parameters_Mode_Values = Requirement( '* `aes-192-ofb` that SHALL use [OFB] block mode encryption with 192 bit key\n' '* `aes-256-ofb` that SHALL use [OFB] block mode encryption with 256 bit key\n' '* `aes-128-gcm` that SHALL use [GCM] block mode encryption with 128 bit key\n' - ' and `AEAD` 16-byte tag is appended to the resulting ciphertext according to\n' + ' and [AEAD] 16-byte tag is appended to the resulting ciphertext according to\n' ' the [RFC5116]\n' '* `aes-192-gcm` that SHALL use [GCM] block mode encryption with 192 bit key\n' - ' and `AEAD` 16-byte tag is appended to the resulting ciphertext according to\n' + ' and [AEAD] 16-byte tag is appended to the resulting ciphertext according to\n' ' the [RFC5116]\n' '* `aes-256-gcm` that SHALL use [GCM] block mode encryption with 256 bit key\n' - ' and `AEAD` 16-byte tag is appended to the resulting ciphertext according to\n' + ' and [AEAD] 16-byte tag is appended to the resulting ciphertext according to\n' ' the [RFC5116]\n' '* `aes-128-ctr` that SHALL use [CTR] block mode encryption with 128 bit key\n' '* `aes-192-ctr` that SHALL use [CTR] block mode encryption with 192 bit key\n' @@ -475,7 +477,7 @@ RQ_SRS008_AES_Encrypt_Function_Parameters_Mode_Values = Requirement( ), link=None, level=3, - num='4.2.9') + num='4.9.9') RQ_SRS008_AES_Encrypt_Function_Parameters_InitializationVector = Requirement( name='RQ.SRS008.AES.Encrypt.Function.Parameters.InitializationVector', @@ -492,7 +494,7 @@ RQ_SRS008_AES_Encrypt_Function_Parameters_InitializationVector = Requirement( ), link=None, level=3, - num='4.2.10') + num='4.9.10') RQ_SRS008_AES_Encrypt_Function_Parameters_AdditionalAuthenticatedData = Requirement( name='RQ.SRS008.AES.Encrypt.Function.Parameters.AdditionalAuthenticatedData', @@ -509,7 +511,7 @@ RQ_SRS008_AES_Encrypt_Function_Parameters_AdditionalAuthenticatedData = Requirem ), link=None, level=3, - num='4.2.11') + num='4.9.11') RQ_SRS008_AES_Encrypt_Function_Parameters_ReturnValue = Requirement( name='RQ.SRS008.AES.Encrypt.Function.Parameters.ReturnValue', @@ -525,7 +527,7 @@ RQ_SRS008_AES_Encrypt_Function_Parameters_ReturnValue = Requirement( ), link=None, level=3, - num='4.2.12') + num='4.9.12') RQ_SRS008_AES_Encrypt_Function_Key_Length_InvalidLengthError = Requirement( name='RQ.SRS008.AES.Encrypt.Function.Key.Length.InvalidLengthError', @@ -540,7 +542,7 @@ RQ_SRS008_AES_Encrypt_Function_Key_Length_InvalidLengthError = Requirement( ), link=None, level=3, - num='4.2.13') + num='4.9.13') RQ_SRS008_AES_Encrypt_Function_InitializationVector_Length_InvalidLengthError = Requirement( name='RQ.SRS008.AES.Encrypt.Function.InitializationVector.Length.InvalidLengthError', @@ -555,7 +557,7 @@ RQ_SRS008_AES_Encrypt_Function_InitializationVector_Length_InvalidLengthError = ), link=None, level=3, - num='4.2.14') + num='4.9.14') RQ_SRS008_AES_Encrypt_Function_InitializationVector_NotValidForMode = Requirement( name='RQ.SRS008.AES.Encrypt.Function.InitializationVector.NotValidForMode', @@ -570,7 +572,7 @@ RQ_SRS008_AES_Encrypt_Function_InitializationVector_NotValidForMode = Requiremen ), link=None, level=3, - num='4.2.15') + num='4.9.15') RQ_SRS008_AES_Encrypt_Function_AdditionalAuthenticationData_NotValidForMode = Requirement( name='RQ.SRS008.AES.Encrypt.Function.AdditionalAuthenticationData.NotValidForMode', @@ -585,7 +587,7 @@ RQ_SRS008_AES_Encrypt_Function_AdditionalAuthenticationData_NotValidForMode = Re ), link=None, level=3, - num='4.2.16') + num='4.9.16') RQ_SRS008_AES_Encrypt_Function_AdditionalAuthenticationData_Length = Requirement( name='RQ.SRS008.AES.Encrypt.Function.AdditionalAuthenticationData.Length', @@ -600,7 +602,7 @@ RQ_SRS008_AES_Encrypt_Function_AdditionalAuthenticationData_Length = Requirement ), link=None, level=3, - num='4.2.17') + num='4.9.17') RQ_SRS008_AES_Encrypt_Function_NonGCMMode_KeyAndInitializationVector_Length = Requirement( name='RQ.SRS008.AES.Encrypt.Function.NonGCMMode.KeyAndInitializationVector.Length', @@ -638,7 +640,7 @@ RQ_SRS008_AES_Encrypt_Function_NonGCMMode_KeyAndInitializationVector_Length = Re ), link=None, level=3, - num='4.2.18') + num='4.9.18') RQ_SRS008_AES_Encrypt_Function_GCMMode_KeyAndInitializationVector_Length = Requirement( name='RQ.SRS008.AES.Encrypt.Function.GCMMode.KeyAndInitializationVector.Length', @@ -658,7 +660,7 @@ RQ_SRS008_AES_Encrypt_Function_GCMMode_KeyAndInitializationVector_Length = Requi ), link=None, level=3, - num='4.2.19') + num='4.9.19') RQ_SRS008_AES_Decrypt_Function = Requirement( name='RQ.SRS008.AES.Decrypt.Function', @@ -673,7 +675,7 @@ RQ_SRS008_AES_Decrypt_Function = Requirement( ), link=None, level=3, - num='4.2.20') + num='4.10.1') RQ_SRS008_AES_Decrypt_Function_Syntax = Requirement( name='RQ.SRS008.AES.Decrypt.Function.Syntax', @@ -692,7 +694,7 @@ RQ_SRS008_AES_Decrypt_Function_Syntax = Requirement( ), link=None, level=3, - num='4.2.21') + num='4.10.2') RQ_SRS008_AES_Decrypt_Function_Parameters_CipherText = Requirement( name='RQ.SRS008.AES.Decrypt.Function.Parameters.CipherText', @@ -703,12 +705,12 @@ RQ_SRS008_AES_Decrypt_Function_Parameters_CipherText = Requirement( uid=None, description=( '[ClickHouse] SHALL support `ciphertext` accepting `FixedString` or `String` data types as\n' - 'the first parameter to the `decrypt` function that SHALL specify the data to be decrypted.\n' + 'the second parameter to the `decrypt` function that SHALL specify the data to be decrypted.\n' '\n' ), link=None, level=3, - num='4.2.22') + num='4.10.3') RQ_SRS008_AES_Decrypt_Function_Parameters_Key = Requirement( name='RQ.SRS008.AES.Decrypt.Function.Parameters.Key', @@ -719,12 +721,12 @@ RQ_SRS008_AES_Decrypt_Function_Parameters_Key = Requirement( uid=None, description=( '[ClickHouse] SHALL support `key` with `String` or `FixedString` data types\n' - 'as the second parameter to the `decrypt` function that SHALL specify the encryption key.\n' + 'as the third parameter to the `decrypt` function that SHALL specify the encryption key.\n' '\n' ), link=None, level=3, - num='4.2.23') + num='4.10.4') RQ_SRS008_AES_Decrypt_Function_Parameters_Mode = Requirement( name='RQ.SRS008.AES.Decrypt.Function.Parameters.Mode', @@ -734,13 +736,13 @@ RQ_SRS008_AES_Decrypt_Function_Parameters_Mode = Requirement( type=None, uid=None, description=( - '[ClickHouse] SHALL support `mode` with `String` or `FixedString` data types as the third parameter\n' + '[ClickHouse] SHALL support `mode` with `String` or `FixedString` data types as the first parameter\n' 'to the `decrypt` function that SHALL specify encryption key length and block encryption mode.\n' '\n' ), link=None, level=3, - num='4.2.24') + num='4.10.5') RQ_SRS008_AES_Decrypt_Function_Parameters_Mode_ValuesFormat = Requirement( name='RQ.SRS008.AES.Decrypt.Function.Parameters.Mode.ValuesFormat', @@ -760,7 +762,7 @@ RQ_SRS008_AES_Decrypt_Function_Parameters_Mode_ValuesFormat = Requirement( ), link=None, level=3, - num='4.2.25') + num='4.10.6') RQ_SRS008_AES_Decrypt_Function_Parameters_Mode_Value_Invalid = Requirement( name='RQ.SRS008.AES.Decrypt.Function.Parameters.Mode.Value.Invalid', @@ -777,7 +779,7 @@ RQ_SRS008_AES_Decrypt_Function_Parameters_Mode_Value_Invalid = Requirement( ), link=None, level=3, - num='4.2.26') + num='4.10.7') RQ_SRS008_AES_Decrypt_Function_Parameters_Mode_Values = Requirement( name='RQ.SRS008.AES.Decrypt.Function.Parameters.Mode.Values', @@ -818,7 +820,7 @@ RQ_SRS008_AES_Decrypt_Function_Parameters_Mode_Values = Requirement( ), link=None, level=3, - num='4.2.27') + num='4.10.8') RQ_SRS008_AES_Decrypt_Function_Parameters_InitializationVector = Requirement( name='RQ.SRS008.AES.Decrypt.Function.Parameters.InitializationVector', @@ -835,7 +837,7 @@ RQ_SRS008_AES_Decrypt_Function_Parameters_InitializationVector = Requirement( ), link=None, level=3, - num='4.2.28') + num='4.10.9') RQ_SRS008_AES_Decrypt_Function_Parameters_AdditionalAuthenticatedData = Requirement( name='RQ.SRS008.AES.Decrypt.Function.Parameters.AdditionalAuthenticatedData', @@ -852,7 +854,7 @@ RQ_SRS008_AES_Decrypt_Function_Parameters_AdditionalAuthenticatedData = Requirem ), link=None, level=3, - num='4.2.29') + num='4.10.10') RQ_SRS008_AES_Decrypt_Function_Parameters_ReturnValue = Requirement( name='RQ.SRS008.AES.Decrypt.Function.Parameters.ReturnValue', @@ -868,7 +870,7 @@ RQ_SRS008_AES_Decrypt_Function_Parameters_ReturnValue = Requirement( ), link=None, level=3, - num='4.2.30') + num='4.10.11') RQ_SRS008_AES_Decrypt_Function_Key_Length_InvalidLengthError = Requirement( name='RQ.SRS008.AES.Decrypt.Function.Key.Length.InvalidLengthError', @@ -883,7 +885,7 @@ RQ_SRS008_AES_Decrypt_Function_Key_Length_InvalidLengthError = Requirement( ), link=None, level=3, - num='4.2.31') + num='4.10.12') RQ_SRS008_AES_Decrypt_Function_InitializationVector_Length_InvalidLengthError = Requirement( name='RQ.SRS008.AES.Decrypt.Function.InitializationVector.Length.InvalidLengthError', @@ -893,12 +895,12 @@ RQ_SRS008_AES_Decrypt_Function_InitializationVector_Length_InvalidLengthError = type=None, uid=None, description=( - '[ClickHouse] SHALL return an error if the `iv` is speficified and the length is not exact for the `decrypt` function for a given block mode.\n' + '[ClickHouse] SHALL return an error if the `iv` is specified and the length is not exact for the `decrypt` function for a given block mode.\n' '\n' ), link=None, level=3, - num='4.2.32') + num='4.10.13') RQ_SRS008_AES_Decrypt_Function_InitializationVector_NotValidForMode = Requirement( name='RQ.SRS008.AES.Decrypt.Function.InitializationVector.NotValidForMode', @@ -914,7 +916,7 @@ RQ_SRS008_AES_Decrypt_Function_InitializationVector_NotValidForMode = Requiremen ), link=None, level=3, - num='4.2.33') + num='4.10.14') RQ_SRS008_AES_Decrypt_Function_AdditionalAuthenticationData_NotValidForMode = Requirement( name='RQ.SRS008.AES.Decrypt.Function.AdditionalAuthenticationData.NotValidForMode', @@ -930,7 +932,7 @@ RQ_SRS008_AES_Decrypt_Function_AdditionalAuthenticationData_NotValidForMode = Re ), link=None, level=3, - num='4.2.34') + num='4.10.15') RQ_SRS008_AES_Decrypt_Function_AdditionalAuthenticationData_Length = Requirement( name='RQ.SRS008.AES.Decrypt.Function.AdditionalAuthenticationData.Length', @@ -945,7 +947,7 @@ RQ_SRS008_AES_Decrypt_Function_AdditionalAuthenticationData_Length = Requirement ), link=None, level=3, - num='4.2.35') + num='4.10.16') RQ_SRS008_AES_Decrypt_Function_NonGCMMode_KeyAndInitializationVector_Length = Requirement( name='RQ.SRS008.AES.Decrypt.Function.NonGCMMode.KeyAndInitializationVector.Length', @@ -983,7 +985,7 @@ RQ_SRS008_AES_Decrypt_Function_NonGCMMode_KeyAndInitializationVector_Length = Re ), link=None, level=3, - num='4.2.36') + num='4.10.17') RQ_SRS008_AES_Decrypt_Function_GCMMode_KeyAndInitializationVector_Length = Requirement( name='RQ.SRS008.AES.Decrypt.Function.GCMMode.KeyAndInitializationVector.Length', @@ -1003,7 +1005,7 @@ RQ_SRS008_AES_Decrypt_Function_GCMMode_KeyAndInitializationVector_Length = Requi ), link=None, level=3, - num='4.2.37') + num='4.10.18') RQ_SRS008_AES_MySQL_Encrypt_Function = Requirement( name='RQ.SRS008.AES.MySQL.Encrypt.Function', @@ -1018,7 +1020,7 @@ RQ_SRS008_AES_MySQL_Encrypt_Function = Requirement( ), link=None, level=3, - num='4.3.1') + num='4.11.1') RQ_SRS008_AES_MySQL_Encrypt_Function_Syntax = Requirement( name='RQ.SRS008.AES.MySQL.Encrypt.Function.Syntax', @@ -1037,23 +1039,24 @@ RQ_SRS008_AES_MySQL_Encrypt_Function_Syntax = Requirement( ), link=None, level=3, - num='4.3.2') + num='4.11.2') RQ_SRS008_AES_MySQL_Encrypt_Function_Parameters_PlainText = Requirement( name='RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.PlainText', - version='1.0', + version='2.0', priority=None, group=None, type=None, uid=None, description=( - '[ClickHouse] SHALL support `plaintext` accepting any data type as\n' - 'the first parameter to the `aes_encrypt_mysql` function that SHALL specify the data to be encrypted.\n' + '[ClickHouse] SHALL support `plaintext` with `String`, `FixedString`, `Nullable(String)`,\n' + '`Nullable(FixedString)`, `LowCardinality(String)`, or `LowCardinality(FixedString(N))` data types as\n' + 'the second parameter to the `aes_encrypt_mysql` function that SHALL specify the data to be encrypted.\n' '\n' ), link=None, level=3, - num='4.3.3') + num='4.11.3') RQ_SRS008_AES_MySQL_Encrypt_Function_Parameters_Key = Requirement( name='RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.Key', @@ -1064,12 +1067,12 @@ RQ_SRS008_AES_MySQL_Encrypt_Function_Parameters_Key = Requirement( uid=None, description=( '[ClickHouse] SHALL support `key` with `String` or `FixedString` data types\n' - 'as the second parameter to the `aes_encrypt_mysql` function that SHALL specify the encryption key.\n' + 'as the third parameter to the `aes_encrypt_mysql` function that SHALL specify the encryption key.\n' '\n' ), link=None, level=3, - num='4.3.4') + num='4.11.4') RQ_SRS008_AES_MySQL_Encrypt_Function_Parameters_Mode = Requirement( name='RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.Mode', @@ -1079,13 +1082,13 @@ RQ_SRS008_AES_MySQL_Encrypt_Function_Parameters_Mode = Requirement( type=None, uid=None, description=( - '[ClickHouse] SHALL support `mode` with `String` or `FixedString` data types as the third parameter\n' + '[ClickHouse] SHALL support `mode` with `String` or `FixedString` data types as the first parameter\n' 'to the `aes_encrypt_mysql` function that SHALL specify encryption key length and block encryption mode.\n' '\n' ), link=None, level=3, - num='4.3.5') + num='4.11.5') RQ_SRS008_AES_MySQL_Encrypt_Function_Parameters_Mode_ValuesFormat = Requirement( name='RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.Mode.ValuesFormat', @@ -1104,7 +1107,7 @@ RQ_SRS008_AES_MySQL_Encrypt_Function_Parameters_Mode_ValuesFormat = Requirement( ), link=None, level=3, - num='4.3.6') + num='4.11.6') RQ_SRS008_AES_MySQL_Encrypt_Function_Parameters_Mode_Value_Invalid = Requirement( name='RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.Mode.Value.Invalid', @@ -1121,7 +1124,7 @@ RQ_SRS008_AES_MySQL_Encrypt_Function_Parameters_Mode_Value_Invalid = Requirement ), link=None, level=3, - num='4.3.7') + num='4.11.7') RQ_SRS008_AES_MySQL_Encrypt_Function_Parameters_Mode_Values = Requirement( name='RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.Mode.Values', @@ -1150,7 +1153,7 @@ RQ_SRS008_AES_MySQL_Encrypt_Function_Parameters_Mode_Values = Requirement( ), link=None, level=3, - num='4.3.8') + num='4.11.8') RQ_SRS008_AES_MySQL_Encrypt_Function_Parameters_Mode_Values_GCM_Error = Requirement( name='RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.Mode.Values.GCM.Error', @@ -1170,7 +1173,7 @@ RQ_SRS008_AES_MySQL_Encrypt_Function_Parameters_Mode_Values_GCM_Error = Requirem ), link=None, level=3, - num='4.3.9') + num='4.11.9') RQ_SRS008_AES_MySQL_Encrypt_Function_Parameters_Mode_Values_CTR_Error = Requirement( name='RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.Mode.Values.CTR.Error', @@ -1190,7 +1193,7 @@ RQ_SRS008_AES_MySQL_Encrypt_Function_Parameters_Mode_Values_CTR_Error = Requirem ), link=None, level=3, - num='4.3.10') + num='4.11.10') RQ_SRS008_AES_MySQL_Encrypt_Function_Parameters_InitializationVector = Requirement( name='RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.InitializationVector', @@ -1207,7 +1210,7 @@ RQ_SRS008_AES_MySQL_Encrypt_Function_Parameters_InitializationVector = Requireme ), link=None, level=3, - num='4.3.11') + num='4.11.11') RQ_SRS008_AES_MySQL_Encrypt_Function_Parameters_ReturnValue = Requirement( name='RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.ReturnValue', @@ -1223,7 +1226,7 @@ RQ_SRS008_AES_MySQL_Encrypt_Function_Parameters_ReturnValue = Requirement( ), link=None, level=3, - num='4.3.12') + num='4.11.12') RQ_SRS008_AES_MySQL_Encrypt_Function_Key_Length_TooShortError = Requirement( name='RQ.SRS008.AES.MySQL.Encrypt.Function.Key.Length.TooShortError', @@ -1239,7 +1242,7 @@ RQ_SRS008_AES_MySQL_Encrypt_Function_Key_Length_TooShortError = Requirement( ), link=None, level=3, - num='4.3.13') + num='4.11.13') RQ_SRS008_AES_MySQL_Encrypt_Function_Key_Length_TooLong = Requirement( name='RQ.SRS008.AES.MySQL.Encrypt.Function.Key.Length.TooLong', @@ -1265,7 +1268,7 @@ RQ_SRS008_AES_MySQL_Encrypt_Function_Key_Length_TooLong = Requirement( ), link=None, level=3, - num='4.3.14') + num='4.11.14') RQ_SRS008_AES_MySQL_Encrypt_Function_InitializationVector_Length_TooShortError = Requirement( name='RQ.SRS008.AES.MySQL.Encrypt.Function.InitializationVector.Length.TooShortError', @@ -1281,7 +1284,7 @@ RQ_SRS008_AES_MySQL_Encrypt_Function_InitializationVector_Length_TooShortError = ), link=None, level=3, - num='4.3.15') + num='4.11.15') RQ_SRS008_AES_MySQL_Encrypt_Function_InitializationVector_Length_TooLong = Requirement( name='RQ.SRS008.AES.MySQL.Encrypt.Function.InitializationVector.Length.TooLong', @@ -1297,7 +1300,7 @@ RQ_SRS008_AES_MySQL_Encrypt_Function_InitializationVector_Length_TooLong = Requi ), link=None, level=3, - num='4.3.16') + num='4.11.16') RQ_SRS008_AES_MySQL_Encrypt_Function_InitializationVector_NotValidForMode = Requirement( name='RQ.SRS008.AES.MySQL.Encrypt.Function.InitializationVector.NotValidForMode', @@ -1313,7 +1316,7 @@ RQ_SRS008_AES_MySQL_Encrypt_Function_InitializationVector_NotValidForMode = Requ ), link=None, level=3, - num='4.3.17') + num='4.11.17') RQ_SRS008_AES_MySQL_Encrypt_Function_Mode_KeyAndInitializationVector_Length = Requirement( name='RQ.SRS008.AES.MySQL.Encrypt.Function.Mode.KeyAndInitializationVector.Length', @@ -1347,7 +1350,7 @@ RQ_SRS008_AES_MySQL_Encrypt_Function_Mode_KeyAndInitializationVector_Length = Re ), link=None, level=3, - num='4.3.18') + num='4.11.18') RQ_SRS008_AES_MySQL_Decrypt_Function = Requirement( name='RQ.SRS008.AES.MySQL.Decrypt.Function', @@ -1362,7 +1365,7 @@ RQ_SRS008_AES_MySQL_Decrypt_Function = Requirement( ), link=None, level=3, - num='4.3.19') + num='4.12.1') RQ_SRS008_AES_MySQL_Decrypt_Function_Syntax = Requirement( name='RQ.SRS008.AES.MySQL.Decrypt.Function.Syntax', @@ -1381,7 +1384,7 @@ RQ_SRS008_AES_MySQL_Decrypt_Function_Syntax = Requirement( ), link=None, level=3, - num='4.3.20') + num='4.12.2') RQ_SRS008_AES_MySQL_Decrypt_Function_Parameters_CipherText = Requirement( name='RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.CipherText', @@ -1392,12 +1395,12 @@ RQ_SRS008_AES_MySQL_Decrypt_Function_Parameters_CipherText = Requirement( uid=None, description=( '[ClickHouse] SHALL support `ciphertext` accepting any data type as\n' - 'the first parameter to the `aes_decrypt_mysql` function that SHALL specify the data to be decrypted.\n' + 'the second parameter to the `aes_decrypt_mysql` function that SHALL specify the data to be decrypted.\n' '\n' ), link=None, level=3, - num='4.3.21') + num='4.12.3') RQ_SRS008_AES_MySQL_Decrypt_Function_Parameters_Key = Requirement( name='RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.Key', @@ -1408,12 +1411,12 @@ RQ_SRS008_AES_MySQL_Decrypt_Function_Parameters_Key = Requirement( uid=None, description=( '[ClickHouse] SHALL support `key` with `String` or `FixedString` data types\n' - 'as the second parameter to the `aes_decrypt_mysql` function that SHALL specify the encryption key.\n' + 'as the third parameter to the `aes_decrypt_mysql` function that SHALL specify the encryption key.\n' '\n' ), link=None, level=3, - num='4.3.22') + num='4.12.4') RQ_SRS008_AES_MySQL_Decrypt_Function_Parameters_Mode = Requirement( name='RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.Mode', @@ -1423,13 +1426,13 @@ RQ_SRS008_AES_MySQL_Decrypt_Function_Parameters_Mode = Requirement( type=None, uid=None, description=( - '[ClickHouse] SHALL support `mode` with `String` or `FixedString` data types as the third parameter\n' + '[ClickHouse] SHALL support `mode` with `String` or `FixedString` data types as the first parameter\n' 'to the `aes_decrypt_mysql` function that SHALL specify encryption key length and block encryption mode.\n' '\n' ), link=None, level=3, - num='4.3.23') + num='4.12.5') RQ_SRS008_AES_MySQL_Decrypt_Function_Parameters_Mode_ValuesFormat = Requirement( name='RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.Mode.ValuesFormat', @@ -1448,7 +1451,7 @@ RQ_SRS008_AES_MySQL_Decrypt_Function_Parameters_Mode_ValuesFormat = Requirement( ), link=None, level=3, - num='4.3.24') + num='4.12.6') RQ_SRS008_AES_MySQL_Decrypt_Function_Parameters_Mode_Value_Invalid = Requirement( name='RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.Mode.Value.Invalid', @@ -1465,7 +1468,7 @@ RQ_SRS008_AES_MySQL_Decrypt_Function_Parameters_Mode_Value_Invalid = Requirement ), link=None, level=3, - num='4.3.25') + num='4.12.7') RQ_SRS008_AES_MySQL_Decrypt_Function_Parameters_Mode_Values = Requirement( name='RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.Mode.Values', @@ -1494,7 +1497,7 @@ RQ_SRS008_AES_MySQL_Decrypt_Function_Parameters_Mode_Values = Requirement( ), link=None, level=3, - num='4.3.26') + num='4.12.8') RQ_SRS008_AES_MySQL_Decrypt_Function_Parameters_Mode_Values_GCM_Error = Requirement( name='RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.Mode.Values.GCM.Error', @@ -1514,7 +1517,7 @@ RQ_SRS008_AES_MySQL_Decrypt_Function_Parameters_Mode_Values_GCM_Error = Requirem ), link=None, level=3, - num='4.3.27') + num='4.12.9') RQ_SRS008_AES_MySQL_Decrypt_Function_Parameters_Mode_Values_CTR_Error = Requirement( name='RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.Mode.Values.CTR.Error', @@ -1534,7 +1537,7 @@ RQ_SRS008_AES_MySQL_Decrypt_Function_Parameters_Mode_Values_CTR_Error = Requirem ), link=None, level=3, - num='4.3.28') + num='4.12.10') RQ_SRS008_AES_MySQL_Decrypt_Function_Parameters_InitializationVector = Requirement( name='RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.InitializationVector', @@ -1551,7 +1554,7 @@ RQ_SRS008_AES_MySQL_Decrypt_Function_Parameters_InitializationVector = Requireme ), link=None, level=3, - num='4.3.29') + num='4.12.11') RQ_SRS008_AES_MySQL_Decrypt_Function_Parameters_ReturnValue = Requirement( name='RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.ReturnValue', @@ -1567,7 +1570,7 @@ RQ_SRS008_AES_MySQL_Decrypt_Function_Parameters_ReturnValue = Requirement( ), link=None, level=3, - num='4.3.30') + num='4.12.12') RQ_SRS008_AES_MySQL_Decrypt_Function_Key_Length_TooShortError = Requirement( name='RQ.SRS008.AES.MySQL.Decrypt.Function.Key.Length.TooShortError', @@ -1583,7 +1586,7 @@ RQ_SRS008_AES_MySQL_Decrypt_Function_Key_Length_TooShortError = Requirement( ), link=None, level=3, - num='4.3.31') + num='4.12.13') RQ_SRS008_AES_MySQL_Decrypt_Function_Key_Length_TooLong = Requirement( name='RQ.SRS008.AES.MySQL.Decrypt.Function.Key.Length.TooLong', @@ -1609,7 +1612,7 @@ RQ_SRS008_AES_MySQL_Decrypt_Function_Key_Length_TooLong = Requirement( ), link=None, level=3, - num='4.3.32') + num='4.12.14') RQ_SRS008_AES_MySQL_Decrypt_Function_InitializationVector_Length_TooShortError = Requirement( name='RQ.SRS008.AES.MySQL.Decrypt.Function.InitializationVector.Length.TooShortError', @@ -1625,7 +1628,7 @@ RQ_SRS008_AES_MySQL_Decrypt_Function_InitializationVector_Length_TooShortError = ), link=None, level=3, - num='4.3.33') + num='4.12.15') RQ_SRS008_AES_MySQL_Decrypt_Function_InitializationVector_Length_TooLong = Requirement( name='RQ.SRS008.AES.MySQL.Decrypt.Function.InitializationVector.Length.TooLong', @@ -1641,7 +1644,7 @@ RQ_SRS008_AES_MySQL_Decrypt_Function_InitializationVector_Length_TooLong = Requi ), link=None, level=3, - num='4.3.34') + num='4.12.16') RQ_SRS008_AES_MySQL_Decrypt_Function_InitializationVector_NotValidForMode = Requirement( name='RQ.SRS008.AES.MySQL.Decrypt.Function.InitializationVector.NotValidForMode', @@ -1657,7 +1660,7 @@ RQ_SRS008_AES_MySQL_Decrypt_Function_InitializationVector_NotValidForMode = Requ ), link=None, level=3, - num='4.3.35') + num='4.12.17') RQ_SRS008_AES_MySQL_Decrypt_Function_Mode_KeyAndInitializationVector_Length = Requirement( name='RQ.SRS008.AES.MySQL.Decrypt.Function.Mode.KeyAndInitializationVector.Length', @@ -1691,7 +1694,7 @@ RQ_SRS008_AES_MySQL_Decrypt_Function_Mode_KeyAndInitializationVector_Length = Re ), link=None, level=3, - num='4.3.36') + num='4.12.18') SRS_008_ClickHouse_AES_Encryption_Functions = Specification( name='SRS-008 ClickHouse AES Encryption Functions', @@ -1713,111 +1716,122 @@ SRS_008_ClickHouse_AES_Encryption_Functions = Specification( Heading(name='Revision History', level=1, num='1'), Heading(name='Introduction', level=1, num='2'), Heading(name='Terminology', level=1, num='3'), + Heading(name='AES', level=2, num='3.1'), + Heading(name='AEAD', level=2, num='3.2'), Heading(name='Requirements', level=1, num='4'), Heading(name='Generic', level=2, num='4.1'), Heading(name='RQ.SRS008.AES.Functions', level=3, num='4.1.1'), - Heading(name='RQ.SRS008.AES.Functions.Compatability.MySQL', level=3, num='4.1.2'), - Heading(name='RQ.SRS008.AES.Functions.Compatability.Dictionaries', level=3, num='4.1.3'), - Heading(name='RQ.SRS008.AES.Functions.Compatability.Engine.Database.MySQL', level=3, num='4.1.4'), - Heading(name='RQ.SRS008.AES.Functions.Compatability.Engine.Table.MySQL', level=3, num='4.1.5'), - Heading(name='RQ.SRS008.AES.Functions.Compatability.TableFunction.MySQL', level=3, num='4.1.6'), - Heading(name='RQ.SRS008.AES.Functions.DifferentModes', level=3, num='4.1.7'), - Heading(name='RQ.SRS008.AES.Functions.DataFromMultipleSources', level=3, num='4.1.8'), - Heading(name='RQ.SRS008.AES.Functions.SuppressOutputOfSensitiveValues', level=3, num='4.1.9'), - Heading(name='RQ.SRS008.AES.Functions.InvalidParameters', level=3, num='4.1.10'), - Heading(name='RQ.SRS008.AES.Functions.Mismatched.Key', level=3, num='4.1.11'), - Heading(name='RQ.SRS008.AES.Functions.Mismatched.IV', level=3, num='4.1.12'), - Heading(name='RQ.SRS008.AES.Functions.Mismatched.AAD', level=3, num='4.1.13'), - Heading(name='RQ.SRS008.AES.Functions.Mismatched.Mode', level=3, num='4.1.14'), - Heading(name='RQ.SRS008.AES.Functions.Check.Performance', level=3, num='4.1.15'), - Heading(name='RQ.SRS008.AES.Function.Check.Performance.BestCase', level=3, num='4.1.16'), - Heading(name='RQ.SRS008.AES.Function.Check.Performance.WorstCase', level=3, num='4.1.17'), - Heading(name='RQ.SRS008.AES.Functions.Check.Compression', level=3, num='4.1.18'), - Heading(name='RQ.SRS008.AES.Functions.Check.Compression.LowCardinality', level=3, num='4.1.19'), - Heading(name='Specific', level=2, num='4.2'), - Heading(name='RQ.SRS008.AES.Encrypt.Function', level=3, num='4.2.1'), - Heading(name='RQ.SRS008.AES.Encrypt.Function.Syntax', level=3, num='4.2.2'), - Heading(name='RQ.SRS008.AES.Encrypt.Function.NIST.TestVectors', level=3, num='4.2.3'), - Heading(name='RQ.SRS008.AES.Encrypt.Function.Parameters.PlainText', level=3, num='4.2.4'), - Heading(name='RQ.SRS008.AES.Encrypt.Function.Parameters.Key', level=3, num='4.2.5'), - Heading(name='RQ.SRS008.AES.Encrypt.Function.Parameters.Mode', level=3, num='4.2.6'), - Heading(name='RQ.SRS008.AES.Encrypt.Function.Parameters.Mode.ValuesFormat', level=3, num='4.2.7'), - Heading(name='RQ.SRS008.AES.Encrypt.Function.Parameters.Mode.Value.Invalid', level=3, num='4.2.8'), - Heading(name='RQ.SRS008.AES.Encrypt.Function.Parameters.Mode.Values', level=3, num='4.2.9'), - Heading(name='RQ.SRS008.AES.Encrypt.Function.Parameters.InitializationVector', level=3, num='4.2.10'), - Heading(name='RQ.SRS008.AES.Encrypt.Function.Parameters.AdditionalAuthenticatedData', level=3, num='4.2.11'), - Heading(name='RQ.SRS008.AES.Encrypt.Function.Parameters.ReturnValue', level=3, num='4.2.12'), - Heading(name='RQ.SRS008.AES.Encrypt.Function.Key.Length.InvalidLengthError', level=3, num='4.2.13'), - Heading(name='RQ.SRS008.AES.Encrypt.Function.InitializationVector.Length.InvalidLengthError', level=3, num='4.2.14'), - Heading(name='RQ.SRS008.AES.Encrypt.Function.InitializationVector.NotValidForMode', level=3, num='4.2.15'), - Heading(name='RQ.SRS008.AES.Encrypt.Function.AdditionalAuthenticationData.NotValidForMode', level=3, num='4.2.16'), - Heading(name='RQ.SRS008.AES.Encrypt.Function.AdditionalAuthenticationData.Length', level=3, num='4.2.17'), - Heading(name='RQ.SRS008.AES.Encrypt.Function.NonGCMMode.KeyAndInitializationVector.Length', level=3, num='4.2.18'), - Heading(name='RQ.SRS008.AES.Encrypt.Function.GCMMode.KeyAndInitializationVector.Length', level=3, num='4.2.19'), - Heading(name='RQ.SRS008.AES.Decrypt.Function', level=3, num='4.2.20'), - Heading(name='RQ.SRS008.AES.Decrypt.Function.Syntax', level=3, num='4.2.21'), - Heading(name='RQ.SRS008.AES.Decrypt.Function.Parameters.CipherText', level=3, num='4.2.22'), - Heading(name='RQ.SRS008.AES.Decrypt.Function.Parameters.Key', level=3, num='4.2.23'), - Heading(name='RQ.SRS008.AES.Decrypt.Function.Parameters.Mode', level=3, num='4.2.24'), - Heading(name='RQ.SRS008.AES.Decrypt.Function.Parameters.Mode.ValuesFormat', level=3, num='4.2.25'), - Heading(name='RQ.SRS008.AES.Decrypt.Function.Parameters.Mode.Value.Invalid', level=3, num='4.2.26'), - Heading(name='RQ.SRS008.AES.Decrypt.Function.Parameters.Mode.Values', level=3, num='4.2.27'), - Heading(name='RQ.SRS008.AES.Decrypt.Function.Parameters.InitializationVector', level=3, num='4.2.28'), - Heading(name='RQ.SRS008.AES.Decrypt.Function.Parameters.AdditionalAuthenticatedData', level=3, num='4.2.29'), - Heading(name='RQ.SRS008.AES.Decrypt.Function.Parameters.ReturnValue', level=3, num='4.2.30'), - Heading(name='RQ.SRS008.AES.Decrypt.Function.Key.Length.InvalidLengthError', level=3, num='4.2.31'), - Heading(name='RQ.SRS008.AES.Decrypt.Function.InitializationVector.Length.InvalidLengthError', level=3, num='4.2.32'), - Heading(name='RQ.SRS008.AES.Decrypt.Function.InitializationVector.NotValidForMode', level=3, num='4.2.33'), - Heading(name='RQ.SRS008.AES.Decrypt.Function.AdditionalAuthenticationData.NotValidForMode', level=3, num='4.2.34'), - Heading(name='RQ.SRS008.AES.Decrypt.Function.AdditionalAuthenticationData.Length', level=3, num='4.2.35'), - Heading(name='RQ.SRS008.AES.Decrypt.Function.NonGCMMode.KeyAndInitializationVector.Length', level=3, num='4.2.36'), - Heading(name='RQ.SRS008.AES.Decrypt.Function.GCMMode.KeyAndInitializationVector.Length', level=3, num='4.2.37'), - Heading(name='MySQL Specific Functions', level=2, num='4.3'), - Heading(name='RQ.SRS008.AES.MySQL.Encrypt.Function', level=3, num='4.3.1'), - Heading(name='RQ.SRS008.AES.MySQL.Encrypt.Function.Syntax', level=3, num='4.3.2'), - Heading(name='RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.PlainText', level=3, num='4.3.3'), - Heading(name='RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.Key', level=3, num='4.3.4'), - Heading(name='RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.Mode', level=3, num='4.3.5'), - Heading(name='RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.Mode.ValuesFormat', level=3, num='4.3.6'), - Heading(name='RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.Mode.Value.Invalid', level=3, num='4.3.7'), - Heading(name='RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.Mode.Values', level=3, num='4.3.8'), - Heading(name='RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.Mode.Values.GCM.Error', level=3, num='4.3.9'), - Heading(name='RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.Mode.Values.CTR.Error', level=3, num='4.3.10'), - Heading(name='RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.InitializationVector', level=3, num='4.3.11'), - Heading(name='RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.ReturnValue', level=3, num='4.3.12'), - Heading(name='RQ.SRS008.AES.MySQL.Encrypt.Function.Key.Length.TooShortError', level=3, num='4.3.13'), - Heading(name='RQ.SRS008.AES.MySQL.Encrypt.Function.Key.Length.TooLong', level=3, num='4.3.14'), - Heading(name='RQ.SRS008.AES.MySQL.Encrypt.Function.InitializationVector.Length.TooShortError', level=3, num='4.3.15'), - Heading(name='RQ.SRS008.AES.MySQL.Encrypt.Function.InitializationVector.Length.TooLong', level=3, num='4.3.16'), - Heading(name='RQ.SRS008.AES.MySQL.Encrypt.Function.InitializationVector.NotValidForMode', level=3, num='4.3.17'), - Heading(name='RQ.SRS008.AES.MySQL.Encrypt.Function.Mode.KeyAndInitializationVector.Length', level=3, num='4.3.18'), - Heading(name='RQ.SRS008.AES.MySQL.Decrypt.Function', level=3, num='4.3.19'), - Heading(name='RQ.SRS008.AES.MySQL.Decrypt.Function.Syntax', level=3, num='4.3.20'), - Heading(name='RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.CipherText', level=3, num='4.3.21'), - Heading(name='RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.Key', level=3, num='4.3.22'), - Heading(name='RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.Mode', level=3, num='4.3.23'), - Heading(name='RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.Mode.ValuesFormat', level=3, num='4.3.24'), - Heading(name='RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.Mode.Value.Invalid', level=3, num='4.3.25'), - Heading(name='RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.Mode.Values', level=3, num='4.3.26'), - Heading(name='RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.Mode.Values.GCM.Error', level=3, num='4.3.27'), - Heading(name='RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.Mode.Values.CTR.Error', level=3, num='4.3.28'), - Heading(name='RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.InitializationVector', level=3, num='4.3.29'), - Heading(name='RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.ReturnValue', level=3, num='4.3.30'), - Heading(name='RQ.SRS008.AES.MySQL.Decrypt.Function.Key.Length.TooShortError', level=3, num='4.3.31'), - Heading(name='RQ.SRS008.AES.MySQL.Decrypt.Function.Key.Length.TooLong', level=3, num='4.3.32'), - Heading(name='RQ.SRS008.AES.MySQL.Decrypt.Function.InitializationVector.Length.TooShortError', level=3, num='4.3.33'), - Heading(name='RQ.SRS008.AES.MySQL.Decrypt.Function.InitializationVector.Length.TooLong', level=3, num='4.3.34'), - Heading(name='RQ.SRS008.AES.MySQL.Decrypt.Function.InitializationVector.NotValidForMode', level=3, num='4.3.35'), - Heading(name='RQ.SRS008.AES.MySQL.Decrypt.Function.Mode.KeyAndInitializationVector.Length', level=3, num='4.3.36'), + Heading(name='Compatibility', level=2, num='4.2'), + Heading(name='RQ.SRS008.AES.Functions.Compatibility.MySQL', level=3, num='4.2.1'), + Heading(name='RQ.SRS008.AES.Functions.Compatibility.Dictionaries', level=3, num='4.2.2'), + Heading(name='RQ.SRS008.AES.Functions.Compatibility.Engine.Database.MySQL', level=3, num='4.2.3'), + Heading(name='RQ.SRS008.AES.Functions.Compatibility.Engine.Table.MySQL', level=3, num='4.2.4'), + Heading(name='RQ.SRS008.AES.Functions.Compatibility.TableFunction.MySQL', level=3, num='4.2.5'), + Heading(name='Different Modes', level=2, num='4.3'), + Heading(name='RQ.SRS008.AES.Functions.DifferentModes', level=3, num='4.3.1'), + Heading(name='Multiple Sources', level=2, num='4.4'), + Heading(name='RQ.SRS008.AES.Functions.DataFromMultipleSources', level=3, num='4.4.1'), + Heading(name='Suppressing Sensitive Values', level=2, num='4.5'), + Heading(name='RQ.SRS008.AES.Functions.SuppressOutputOfSensitiveValues', level=3, num='4.5.1'), + Heading(name='Invalid Parameters', level=2, num='4.6'), + Heading(name='RQ.SRS008.AES.Functions.InvalidParameters', level=3, num='4.6.1'), + Heading(name='Mismatched Values', level=2, num='4.7'), + Heading(name='RQ.SRS008.AES.Functions.Mismatched.Key', level=3, num='4.7.1'), + Heading(name='RQ.SRS008.AES.Functions.Mismatched.IV', level=3, num='4.7.2'), + Heading(name='RQ.SRS008.AES.Functions.Mismatched.AAD', level=3, num='4.7.3'), + Heading(name='RQ.SRS008.AES.Functions.Mismatched.Mode', level=3, num='4.7.4'), + Heading(name='Performance', level=2, num='4.8'), + Heading(name='RQ.SRS008.AES.Functions.Check.Performance', level=3, num='4.8.1'), + Heading(name='RQ.SRS008.AES.Function.Check.Performance.BestCase', level=3, num='4.8.2'), + Heading(name='RQ.SRS008.AES.Function.Check.Performance.WorstCase', level=3, num='4.8.3'), + Heading(name='RQ.SRS008.AES.Functions.Check.Compression', level=3, num='4.8.4'), + Heading(name='RQ.SRS008.AES.Functions.Check.Compression.LowCardinality', level=3, num='4.8.5'), + Heading(name='Encrypt Function', level=2, num='4.9'), + Heading(name='RQ.SRS008.AES.Encrypt.Function', level=3, num='4.9.1'), + Heading(name='RQ.SRS008.AES.Encrypt.Function.Syntax', level=3, num='4.9.2'), + Heading(name='RQ.SRS008.AES.Encrypt.Function.NIST.TestVectors', level=3, num='4.9.3'), + Heading(name='RQ.SRS008.AES.Encrypt.Function.Parameters.PlainText', level=3, num='4.9.4'), + Heading(name='RQ.SRS008.AES.Encrypt.Function.Parameters.Key', level=3, num='4.9.5'), + Heading(name='RQ.SRS008.AES.Encrypt.Function.Parameters.Mode', level=3, num='4.9.6'), + Heading(name='RQ.SRS008.AES.Encrypt.Function.Parameters.Mode.ValuesFormat', level=3, num='4.9.7'), + Heading(name='RQ.SRS008.AES.Encrypt.Function.Parameters.Mode.Value.Invalid', level=3, num='4.9.8'), + Heading(name='RQ.SRS008.AES.Encrypt.Function.Parameters.Mode.Values', level=3, num='4.9.9'), + Heading(name='RQ.SRS008.AES.Encrypt.Function.Parameters.InitializationVector', level=3, num='4.9.10'), + Heading(name='RQ.SRS008.AES.Encrypt.Function.Parameters.AdditionalAuthenticatedData', level=3, num='4.9.11'), + Heading(name='RQ.SRS008.AES.Encrypt.Function.Parameters.ReturnValue', level=3, num='4.9.12'), + Heading(name='RQ.SRS008.AES.Encrypt.Function.Key.Length.InvalidLengthError', level=3, num='4.9.13'), + Heading(name='RQ.SRS008.AES.Encrypt.Function.InitializationVector.Length.InvalidLengthError', level=3, num='4.9.14'), + Heading(name='RQ.SRS008.AES.Encrypt.Function.InitializationVector.NotValidForMode', level=3, num='4.9.15'), + Heading(name='RQ.SRS008.AES.Encrypt.Function.AdditionalAuthenticationData.NotValidForMode', level=3, num='4.9.16'), + Heading(name='RQ.SRS008.AES.Encrypt.Function.AdditionalAuthenticationData.Length', level=3, num='4.9.17'), + Heading(name='RQ.SRS008.AES.Encrypt.Function.NonGCMMode.KeyAndInitializationVector.Length', level=3, num='4.9.18'), + Heading(name='RQ.SRS008.AES.Encrypt.Function.GCMMode.KeyAndInitializationVector.Length', level=3, num='4.9.19'), + Heading(name='Decrypt Function', level=2, num='4.10'), + Heading(name='RQ.SRS008.AES.Decrypt.Function', level=3, num='4.10.1'), + Heading(name='RQ.SRS008.AES.Decrypt.Function.Syntax', level=3, num='4.10.2'), + Heading(name='RQ.SRS008.AES.Decrypt.Function.Parameters.CipherText', level=3, num='4.10.3'), + Heading(name='RQ.SRS008.AES.Decrypt.Function.Parameters.Key', level=3, num='4.10.4'), + Heading(name='RQ.SRS008.AES.Decrypt.Function.Parameters.Mode', level=3, num='4.10.5'), + Heading(name='RQ.SRS008.AES.Decrypt.Function.Parameters.Mode.ValuesFormat', level=3, num='4.10.6'), + Heading(name='RQ.SRS008.AES.Decrypt.Function.Parameters.Mode.Value.Invalid', level=3, num='4.10.7'), + Heading(name='RQ.SRS008.AES.Decrypt.Function.Parameters.Mode.Values', level=3, num='4.10.8'), + Heading(name='RQ.SRS008.AES.Decrypt.Function.Parameters.InitializationVector', level=3, num='4.10.9'), + Heading(name='RQ.SRS008.AES.Decrypt.Function.Parameters.AdditionalAuthenticatedData', level=3, num='4.10.10'), + Heading(name='RQ.SRS008.AES.Decrypt.Function.Parameters.ReturnValue', level=3, num='4.10.11'), + Heading(name='RQ.SRS008.AES.Decrypt.Function.Key.Length.InvalidLengthError', level=3, num='4.10.12'), + Heading(name='RQ.SRS008.AES.Decrypt.Function.InitializationVector.Length.InvalidLengthError', level=3, num='4.10.13'), + Heading(name='RQ.SRS008.AES.Decrypt.Function.InitializationVector.NotValidForMode', level=3, num='4.10.14'), + Heading(name='RQ.SRS008.AES.Decrypt.Function.AdditionalAuthenticationData.NotValidForMode', level=3, num='4.10.15'), + Heading(name='RQ.SRS008.AES.Decrypt.Function.AdditionalAuthenticationData.Length', level=3, num='4.10.16'), + Heading(name='RQ.SRS008.AES.Decrypt.Function.NonGCMMode.KeyAndInitializationVector.Length', level=3, num='4.10.17'), + Heading(name='RQ.SRS008.AES.Decrypt.Function.GCMMode.KeyAndInitializationVector.Length', level=3, num='4.10.18'), + Heading(name='MySQL Encrypt Function', level=2, num='4.11'), + Heading(name='RQ.SRS008.AES.MySQL.Encrypt.Function', level=3, num='4.11.1'), + Heading(name='RQ.SRS008.AES.MySQL.Encrypt.Function.Syntax', level=3, num='4.11.2'), + Heading(name='RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.PlainText', level=3, num='4.11.3'), + Heading(name='RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.Key', level=3, num='4.11.4'), + Heading(name='RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.Mode', level=3, num='4.11.5'), + Heading(name='RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.Mode.ValuesFormat', level=3, num='4.11.6'), + Heading(name='RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.Mode.Value.Invalid', level=3, num='4.11.7'), + Heading(name='RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.Mode.Values', level=3, num='4.11.8'), + Heading(name='RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.Mode.Values.GCM.Error', level=3, num='4.11.9'), + Heading(name='RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.Mode.Values.CTR.Error', level=3, num='4.11.10'), + Heading(name='RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.InitializationVector', level=3, num='4.11.11'), + Heading(name='RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.ReturnValue', level=3, num='4.11.12'), + Heading(name='RQ.SRS008.AES.MySQL.Encrypt.Function.Key.Length.TooShortError', level=3, num='4.11.13'), + Heading(name='RQ.SRS008.AES.MySQL.Encrypt.Function.Key.Length.TooLong', level=3, num='4.11.14'), + Heading(name='RQ.SRS008.AES.MySQL.Encrypt.Function.InitializationVector.Length.TooShortError', level=3, num='4.11.15'), + Heading(name='RQ.SRS008.AES.MySQL.Encrypt.Function.InitializationVector.Length.TooLong', level=3, num='4.11.16'), + Heading(name='RQ.SRS008.AES.MySQL.Encrypt.Function.InitializationVector.NotValidForMode', level=3, num='4.11.17'), + Heading(name='RQ.SRS008.AES.MySQL.Encrypt.Function.Mode.KeyAndInitializationVector.Length', level=3, num='4.11.18'), + Heading(name='MySQL Decrypt Function', level=2, num='4.12'), + Heading(name='RQ.SRS008.AES.MySQL.Decrypt.Function', level=3, num='4.12.1'), + Heading(name='RQ.SRS008.AES.MySQL.Decrypt.Function.Syntax', level=3, num='4.12.2'), + Heading(name='RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.CipherText', level=3, num='4.12.3'), + Heading(name='RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.Key', level=3, num='4.12.4'), + Heading(name='RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.Mode', level=3, num='4.12.5'), + Heading(name='RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.Mode.ValuesFormat', level=3, num='4.12.6'), + Heading(name='RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.Mode.Value.Invalid', level=3, num='4.12.7'), + Heading(name='RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.Mode.Values', level=3, num='4.12.8'), + Heading(name='RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.Mode.Values.GCM.Error', level=3, num='4.12.9'), + Heading(name='RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.Mode.Values.CTR.Error', level=3, num='4.12.10'), + Heading(name='RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.InitializationVector', level=3, num='4.12.11'), + Heading(name='RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.ReturnValue', level=3, num='4.12.12'), + Heading(name='RQ.SRS008.AES.MySQL.Decrypt.Function.Key.Length.TooShortError', level=3, num='4.12.13'), + Heading(name='RQ.SRS008.AES.MySQL.Decrypt.Function.Key.Length.TooLong', level=3, num='4.12.14'), + Heading(name='RQ.SRS008.AES.MySQL.Decrypt.Function.InitializationVector.Length.TooShortError', level=3, num='4.12.15'), + Heading(name='RQ.SRS008.AES.MySQL.Decrypt.Function.InitializationVector.Length.TooLong', level=3, num='4.12.16'), + Heading(name='RQ.SRS008.AES.MySQL.Decrypt.Function.InitializationVector.NotValidForMode', level=3, num='4.12.17'), + Heading(name='RQ.SRS008.AES.MySQL.Decrypt.Function.Mode.KeyAndInitializationVector.Length', level=3, num='4.12.18'), Heading(name='References', level=1, num='5'), ), requirements=( RQ_SRS008_AES_Functions, - RQ_SRS008_AES_Functions_Compatability_MySQL, - RQ_SRS008_AES_Functions_Compatability_Dictionaries, - RQ_SRS008_AES_Functions_Compatability_Engine_Database_MySQL, - RQ_SRS008_AES_Functions_Compatability_Engine_Table_MySQL, - RQ_SRS008_AES_Functions_Compatability_TableFunction_MySQL, + RQ_SRS008_AES_Functions_Compatibility_MySQL, + RQ_SRS008_AES_Functions_Compatibility_Dictionaries, + RQ_SRS008_AES_Functions_Compatibility_Engine_Database_MySQL, + RQ_SRS008_AES_Functions_Compatibility_Engine_Table_MySQL, + RQ_SRS008_AES_Functions_Compatibility_TableFunction_MySQL, RQ_SRS008_AES_Functions_DifferentModes, RQ_SRS008_AES_Functions_DataFromMultipleSources, RQ_SRS008_AES_Functions_SuppressOutputOfSensitiveValues, @@ -1914,102 +1928,113 @@ SRS_008_ClickHouse_AES_Encryption_Functions = Specification( * 1 [Revision History](#revision-history) * 2 [Introduction](#introduction) * 3 [Terminology](#terminology) + * 3.1 [AES](#aes) + * 3.2 [AEAD](#aead) * 4 [Requirements](#requirements) * 4.1 [Generic](#generic) * 4.1.1 [RQ.SRS008.AES.Functions](#rqsrs008aesfunctions) - * 4.1.2 [RQ.SRS008.AES.Functions.Compatability.MySQL](#rqsrs008aesfunctionscompatabilitymysql) - * 4.1.3 [RQ.SRS008.AES.Functions.Compatability.Dictionaries](#rqsrs008aesfunctionscompatabilitydictionaries) - * 4.1.4 [RQ.SRS008.AES.Functions.Compatability.Engine.Database.MySQL](#rqsrs008aesfunctionscompatabilityenginedatabasemysql) - * 4.1.5 [RQ.SRS008.AES.Functions.Compatability.Engine.Table.MySQL](#rqsrs008aesfunctionscompatabilityenginetablemysql) - * 4.1.6 [RQ.SRS008.AES.Functions.Compatability.TableFunction.MySQL](#rqsrs008aesfunctionscompatabilitytablefunctionmysql) - * 4.1.7 [RQ.SRS008.AES.Functions.DifferentModes](#rqsrs008aesfunctionsdifferentmodes) - * 4.1.8 [RQ.SRS008.AES.Functions.DataFromMultipleSources](#rqsrs008aesfunctionsdatafrommultiplesources) - * 4.1.9 [RQ.SRS008.AES.Functions.SuppressOutputOfSensitiveValues](#rqsrs008aesfunctionssuppressoutputofsensitivevalues) - * 4.1.10 [RQ.SRS008.AES.Functions.InvalidParameters](#rqsrs008aesfunctionsinvalidparameters) - * 4.1.11 [RQ.SRS008.AES.Functions.Mismatched.Key](#rqsrs008aesfunctionsmismatchedkey) - * 4.1.12 [RQ.SRS008.AES.Functions.Mismatched.IV](#rqsrs008aesfunctionsmismatchediv) - * 4.1.13 [RQ.SRS008.AES.Functions.Mismatched.AAD](#rqsrs008aesfunctionsmismatchedaad) - * 4.1.14 [RQ.SRS008.AES.Functions.Mismatched.Mode](#rqsrs008aesfunctionsmismatchedmode) - * 4.1.15 [RQ.SRS008.AES.Functions.Check.Performance](#rqsrs008aesfunctionscheckperformance) - * 4.1.16 [RQ.SRS008.AES.Function.Check.Performance.BestCase](#rqsrs008aesfunctioncheckperformancebestcase) - * 4.1.17 [RQ.SRS008.AES.Function.Check.Performance.WorstCase](#rqsrs008aesfunctioncheckperformanceworstcase) - * 4.1.18 [RQ.SRS008.AES.Functions.Check.Compression](#rqsrs008aesfunctionscheckcompression) - * 4.1.19 [RQ.SRS008.AES.Functions.Check.Compression.LowCardinality](#rqsrs008aesfunctionscheckcompressionlowcardinality) - * 4.2 [Specific](#specific) - * 4.2.1 [RQ.SRS008.AES.Encrypt.Function](#rqsrs008aesencryptfunction) - * 4.2.2 [RQ.SRS008.AES.Encrypt.Function.Syntax](#rqsrs008aesencryptfunctionsyntax) - * 4.2.3 [RQ.SRS008.AES.Encrypt.Function.NIST.TestVectors](#rqsrs008aesencryptfunctionnisttestvectors) - * 4.2.4 [RQ.SRS008.AES.Encrypt.Function.Parameters.PlainText](#rqsrs008aesencryptfunctionparametersplaintext) - * 4.2.5 [RQ.SRS008.AES.Encrypt.Function.Parameters.Key](#rqsrs008aesencryptfunctionparameterskey) - * 4.2.6 [RQ.SRS008.AES.Encrypt.Function.Parameters.Mode](#rqsrs008aesencryptfunctionparametersmode) - * 4.2.7 [RQ.SRS008.AES.Encrypt.Function.Parameters.Mode.ValuesFormat](#rqsrs008aesencryptfunctionparametersmodevaluesformat) - * 4.2.8 [RQ.SRS008.AES.Encrypt.Function.Parameters.Mode.Value.Invalid](#rqsrs008aesencryptfunctionparametersmodevalueinvalid) - * 4.2.9 [RQ.SRS008.AES.Encrypt.Function.Parameters.Mode.Values](#rqsrs008aesencryptfunctionparametersmodevalues) - * 4.2.10 [RQ.SRS008.AES.Encrypt.Function.Parameters.InitializationVector](#rqsrs008aesencryptfunctionparametersinitializationvector) - * 4.2.11 [RQ.SRS008.AES.Encrypt.Function.Parameters.AdditionalAuthenticatedData](#rqsrs008aesencryptfunctionparametersadditionalauthenticateddata) - * 4.2.12 [RQ.SRS008.AES.Encrypt.Function.Parameters.ReturnValue](#rqsrs008aesencryptfunctionparametersreturnvalue) - * 4.2.13 [RQ.SRS008.AES.Encrypt.Function.Key.Length.InvalidLengthError](#rqsrs008aesencryptfunctionkeylengthinvalidlengtherror) - * 4.2.14 [RQ.SRS008.AES.Encrypt.Function.InitializationVector.Length.InvalidLengthError](#rqsrs008aesencryptfunctioninitializationvectorlengthinvalidlengtherror) - * 4.2.15 [RQ.SRS008.AES.Encrypt.Function.InitializationVector.NotValidForMode](#rqsrs008aesencryptfunctioninitializationvectornotvalidformode) - * 4.2.16 [RQ.SRS008.AES.Encrypt.Function.AdditionalAuthenticationData.NotValidForMode](#rqsrs008aesencryptfunctionadditionalauthenticationdatanotvalidformode) - * 4.2.17 [RQ.SRS008.AES.Encrypt.Function.AdditionalAuthenticationData.Length](#rqsrs008aesencryptfunctionadditionalauthenticationdatalength) - * 4.2.18 [RQ.SRS008.AES.Encrypt.Function.NonGCMMode.KeyAndInitializationVector.Length](#rqsrs008aesencryptfunctionnongcmmodekeyandinitializationvectorlength) - * 4.2.19 [RQ.SRS008.AES.Encrypt.Function.GCMMode.KeyAndInitializationVector.Length](#rqsrs008aesencryptfunctiongcmmodekeyandinitializationvectorlength) - * 4.2.20 [RQ.SRS008.AES.Decrypt.Function](#rqsrs008aesdecryptfunction) - * 4.2.21 [RQ.SRS008.AES.Decrypt.Function.Syntax](#rqsrs008aesdecryptfunctionsyntax) - * 4.2.22 [RQ.SRS008.AES.Decrypt.Function.Parameters.CipherText](#rqsrs008aesdecryptfunctionparametersciphertext) - * 4.2.23 [RQ.SRS008.AES.Decrypt.Function.Parameters.Key](#rqsrs008aesdecryptfunctionparameterskey) - * 4.2.24 [RQ.SRS008.AES.Decrypt.Function.Parameters.Mode](#rqsrs008aesdecryptfunctionparametersmode) - * 4.2.25 [RQ.SRS008.AES.Decrypt.Function.Parameters.Mode.ValuesFormat](#rqsrs008aesdecryptfunctionparametersmodevaluesformat) - * 4.2.26 [RQ.SRS008.AES.Decrypt.Function.Parameters.Mode.Value.Invalid](#rqsrs008aesdecryptfunctionparametersmodevalueinvalid) - * 4.2.27 [RQ.SRS008.AES.Decrypt.Function.Parameters.Mode.Values](#rqsrs008aesdecryptfunctionparametersmodevalues) - * 4.2.28 [RQ.SRS008.AES.Decrypt.Function.Parameters.InitializationVector](#rqsrs008aesdecryptfunctionparametersinitializationvector) - * 4.2.29 [RQ.SRS008.AES.Decrypt.Function.Parameters.AdditionalAuthenticatedData](#rqsrs008aesdecryptfunctionparametersadditionalauthenticateddata) - * 4.2.30 [RQ.SRS008.AES.Decrypt.Function.Parameters.ReturnValue](#rqsrs008aesdecryptfunctionparametersreturnvalue) - * 4.2.31 [RQ.SRS008.AES.Decrypt.Function.Key.Length.InvalidLengthError](#rqsrs008aesdecryptfunctionkeylengthinvalidlengtherror) - * 4.2.32 [RQ.SRS008.AES.Decrypt.Function.InitializationVector.Length.InvalidLengthError](#rqsrs008aesdecryptfunctioninitializationvectorlengthinvalidlengtherror) - * 4.2.33 [RQ.SRS008.AES.Decrypt.Function.InitializationVector.NotValidForMode](#rqsrs008aesdecryptfunctioninitializationvectornotvalidformode) - * 4.2.34 [RQ.SRS008.AES.Decrypt.Function.AdditionalAuthenticationData.NotValidForMode](#rqsrs008aesdecryptfunctionadditionalauthenticationdatanotvalidformode) - * 4.2.35 [RQ.SRS008.AES.Decrypt.Function.AdditionalAuthenticationData.Length](#rqsrs008aesdecryptfunctionadditionalauthenticationdatalength) - * 4.2.36 [RQ.SRS008.AES.Decrypt.Function.NonGCMMode.KeyAndInitializationVector.Length](#rqsrs008aesdecryptfunctionnongcmmodekeyandinitializationvectorlength) - * 4.2.37 [RQ.SRS008.AES.Decrypt.Function.GCMMode.KeyAndInitializationVector.Length](#rqsrs008aesdecryptfunctiongcmmodekeyandinitializationvectorlength) - * 4.3 [MySQL Specific Functions](#mysql-specific-functions) - * 4.3.1 [RQ.SRS008.AES.MySQL.Encrypt.Function](#rqsrs008aesmysqlencryptfunction) - * 4.3.2 [RQ.SRS008.AES.MySQL.Encrypt.Function.Syntax](#rqsrs008aesmysqlencryptfunctionsyntax) - * 4.3.3 [RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.PlainText](#rqsrs008aesmysqlencryptfunctionparametersplaintext) - * 4.3.4 [RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.Key](#rqsrs008aesmysqlencryptfunctionparameterskey) - * 4.3.5 [RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.Mode](#rqsrs008aesmysqlencryptfunctionparametersmode) - * 4.3.6 [RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.Mode.ValuesFormat](#rqsrs008aesmysqlencryptfunctionparametersmodevaluesformat) - * 4.3.7 [RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.Mode.Value.Invalid](#rqsrs008aesmysqlencryptfunctionparametersmodevalueinvalid) - * 4.3.8 [RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.Mode.Values](#rqsrs008aesmysqlencryptfunctionparametersmodevalues) - * 4.3.9 [RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.Mode.Values.GCM.Error](#rqsrs008aesmysqlencryptfunctionparametersmodevaluesgcmerror) - * 4.3.10 [RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.Mode.Values.CTR.Error](#rqsrs008aesmysqlencryptfunctionparametersmodevaluesctrerror) - * 4.3.11 [RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.InitializationVector](#rqsrs008aesmysqlencryptfunctionparametersinitializationvector) - * 4.3.12 [RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.ReturnValue](#rqsrs008aesmysqlencryptfunctionparametersreturnvalue) - * 4.3.13 [RQ.SRS008.AES.MySQL.Encrypt.Function.Key.Length.TooShortError](#rqsrs008aesmysqlencryptfunctionkeylengthtooshorterror) - * 4.3.14 [RQ.SRS008.AES.MySQL.Encrypt.Function.Key.Length.TooLong](#rqsrs008aesmysqlencryptfunctionkeylengthtoolong) - * 4.3.15 [RQ.SRS008.AES.MySQL.Encrypt.Function.InitializationVector.Length.TooShortError](#rqsrs008aesmysqlencryptfunctioninitializationvectorlengthtooshorterror) - * 4.3.16 [RQ.SRS008.AES.MySQL.Encrypt.Function.InitializationVector.Length.TooLong](#rqsrs008aesmysqlencryptfunctioninitializationvectorlengthtoolong) - * 4.3.17 [RQ.SRS008.AES.MySQL.Encrypt.Function.InitializationVector.NotValidForMode](#rqsrs008aesmysqlencryptfunctioninitializationvectornotvalidformode) - * 4.3.18 [RQ.SRS008.AES.MySQL.Encrypt.Function.Mode.KeyAndInitializationVector.Length](#rqsrs008aesmysqlencryptfunctionmodekeyandinitializationvectorlength) - * 4.3.19 [RQ.SRS008.AES.MySQL.Decrypt.Function](#rqsrs008aesmysqldecryptfunction) - * 4.3.20 [RQ.SRS008.AES.MySQL.Decrypt.Function.Syntax](#rqsrs008aesmysqldecryptfunctionsyntax) - * 4.3.21 [RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.CipherText](#rqsrs008aesmysqldecryptfunctionparametersciphertext) - * 4.3.22 [RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.Key](#rqsrs008aesmysqldecryptfunctionparameterskey) - * 4.3.23 [RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.Mode](#rqsrs008aesmysqldecryptfunctionparametersmode) - * 4.3.24 [RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.Mode.ValuesFormat](#rqsrs008aesmysqldecryptfunctionparametersmodevaluesformat) - * 4.3.25 [RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.Mode.Value.Invalid](#rqsrs008aesmysqldecryptfunctionparametersmodevalueinvalid) - * 4.3.26 [RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.Mode.Values](#rqsrs008aesmysqldecryptfunctionparametersmodevalues) - * 4.3.27 [RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.Mode.Values.GCM.Error](#rqsrs008aesmysqldecryptfunctionparametersmodevaluesgcmerror) - * 4.3.28 [RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.Mode.Values.CTR.Error](#rqsrs008aesmysqldecryptfunctionparametersmodevaluesctrerror) - * 4.3.29 [RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.InitializationVector](#rqsrs008aesmysqldecryptfunctionparametersinitializationvector) - * 4.3.30 [RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.ReturnValue](#rqsrs008aesmysqldecryptfunctionparametersreturnvalue) - * 4.3.31 [RQ.SRS008.AES.MySQL.Decrypt.Function.Key.Length.TooShortError](#rqsrs008aesmysqldecryptfunctionkeylengthtooshorterror) - * 4.3.32 [RQ.SRS008.AES.MySQL.Decrypt.Function.Key.Length.TooLong](#rqsrs008aesmysqldecryptfunctionkeylengthtoolong) - * 4.3.33 [RQ.SRS008.AES.MySQL.Decrypt.Function.InitializationVector.Length.TooShortError](#rqsrs008aesmysqldecryptfunctioninitializationvectorlengthtooshorterror) - * 4.3.34 [RQ.SRS008.AES.MySQL.Decrypt.Function.InitializationVector.Length.TooLong](#rqsrs008aesmysqldecryptfunctioninitializationvectorlengthtoolong) - * 4.3.35 [RQ.SRS008.AES.MySQL.Decrypt.Function.InitializationVector.NotValidForMode](#rqsrs008aesmysqldecryptfunctioninitializationvectornotvalidformode) - * 4.3.36 [RQ.SRS008.AES.MySQL.Decrypt.Function.Mode.KeyAndInitializationVector.Length](#rqsrs008aesmysqldecryptfunctionmodekeyandinitializationvectorlength) + * 4.2 [Compatibility](#compatibility) + * 4.2.1 [RQ.SRS008.AES.Functions.Compatibility.MySQL](#rqsrs008aesfunctionscompatibilitymysql) + * 4.2.2 [RQ.SRS008.AES.Functions.Compatibility.Dictionaries](#rqsrs008aesfunctionscompatibilitydictionaries) + * 4.2.3 [RQ.SRS008.AES.Functions.Compatibility.Engine.Database.MySQL](#rqsrs008aesfunctionscompatibilityenginedatabasemysql) + * 4.2.4 [RQ.SRS008.AES.Functions.Compatibility.Engine.Table.MySQL](#rqsrs008aesfunctionscompatibilityenginetablemysql) + * 4.2.5 [RQ.SRS008.AES.Functions.Compatibility.TableFunction.MySQL](#rqsrs008aesfunctionscompatibilitytablefunctionmysql) + * 4.3 [Different Modes](#different-modes) + * 4.3.1 [RQ.SRS008.AES.Functions.DifferentModes](#rqsrs008aesfunctionsdifferentmodes) + * 4.4 [Multiple Sources](#multiple-sources) + * 4.4.1 [RQ.SRS008.AES.Functions.DataFromMultipleSources](#rqsrs008aesfunctionsdatafrommultiplesources) + * 4.5 [Suppressing Sensitive Values](#suppressing-sensitive-values) + * 4.5.1 [RQ.SRS008.AES.Functions.SuppressOutputOfSensitiveValues](#rqsrs008aesfunctionssuppressoutputofsensitivevalues) + * 4.6 [Invalid Parameters](#invalid-parameters) + * 4.6.1 [RQ.SRS008.AES.Functions.InvalidParameters](#rqsrs008aesfunctionsinvalidparameters) + * 4.7 [Mismatched Values](#mismatched-values) + * 4.7.1 [RQ.SRS008.AES.Functions.Mismatched.Key](#rqsrs008aesfunctionsmismatchedkey) + * 4.7.2 [RQ.SRS008.AES.Functions.Mismatched.IV](#rqsrs008aesfunctionsmismatchediv) + * 4.7.3 [RQ.SRS008.AES.Functions.Mismatched.AAD](#rqsrs008aesfunctionsmismatchedaad) + * 4.7.4 [RQ.SRS008.AES.Functions.Mismatched.Mode](#rqsrs008aesfunctionsmismatchedmode) + * 4.8 [Performance](#performance) + * 4.8.1 [RQ.SRS008.AES.Functions.Check.Performance](#rqsrs008aesfunctionscheckperformance) + * 4.8.2 [RQ.SRS008.AES.Function.Check.Performance.BestCase](#rqsrs008aesfunctioncheckperformancebestcase) + * 4.8.3 [RQ.SRS008.AES.Function.Check.Performance.WorstCase](#rqsrs008aesfunctioncheckperformanceworstcase) + * 4.8.4 [RQ.SRS008.AES.Functions.Check.Compression](#rqsrs008aesfunctionscheckcompression) + * 4.8.5 [RQ.SRS008.AES.Functions.Check.Compression.LowCardinality](#rqsrs008aesfunctionscheckcompressionlowcardinality) + * 4.9 [Encrypt Function](#encrypt-function) + * 4.9.1 [RQ.SRS008.AES.Encrypt.Function](#rqsrs008aesencryptfunction) + * 4.9.2 [RQ.SRS008.AES.Encrypt.Function.Syntax](#rqsrs008aesencryptfunctionsyntax) + * 4.9.3 [RQ.SRS008.AES.Encrypt.Function.NIST.TestVectors](#rqsrs008aesencryptfunctionnisttestvectors) + * 4.9.4 [RQ.SRS008.AES.Encrypt.Function.Parameters.PlainText](#rqsrs008aesencryptfunctionparametersplaintext) + * 4.9.5 [RQ.SRS008.AES.Encrypt.Function.Parameters.Key](#rqsrs008aesencryptfunctionparameterskey) + * 4.9.6 [RQ.SRS008.AES.Encrypt.Function.Parameters.Mode](#rqsrs008aesencryptfunctionparametersmode) + * 4.9.7 [RQ.SRS008.AES.Encrypt.Function.Parameters.Mode.ValuesFormat](#rqsrs008aesencryptfunctionparametersmodevaluesformat) + * 4.9.8 [RQ.SRS008.AES.Encrypt.Function.Parameters.Mode.Value.Invalid](#rqsrs008aesencryptfunctionparametersmodevalueinvalid) + * 4.9.9 [RQ.SRS008.AES.Encrypt.Function.Parameters.Mode.Values](#rqsrs008aesencryptfunctionparametersmodevalues) + * 4.9.10 [RQ.SRS008.AES.Encrypt.Function.Parameters.InitializationVector](#rqsrs008aesencryptfunctionparametersinitializationvector) + * 4.9.11 [RQ.SRS008.AES.Encrypt.Function.Parameters.AdditionalAuthenticatedData](#rqsrs008aesencryptfunctionparametersadditionalauthenticateddata) + * 4.9.12 [RQ.SRS008.AES.Encrypt.Function.Parameters.ReturnValue](#rqsrs008aesencryptfunctionparametersreturnvalue) + * 4.9.13 [RQ.SRS008.AES.Encrypt.Function.Key.Length.InvalidLengthError](#rqsrs008aesencryptfunctionkeylengthinvalidlengtherror) + * 4.9.14 [RQ.SRS008.AES.Encrypt.Function.InitializationVector.Length.InvalidLengthError](#rqsrs008aesencryptfunctioninitializationvectorlengthinvalidlengtherror) + * 4.9.15 [RQ.SRS008.AES.Encrypt.Function.InitializationVector.NotValidForMode](#rqsrs008aesencryptfunctioninitializationvectornotvalidformode) + * 4.9.16 [RQ.SRS008.AES.Encrypt.Function.AdditionalAuthenticationData.NotValidForMode](#rqsrs008aesencryptfunctionadditionalauthenticationdatanotvalidformode) + * 4.9.17 [RQ.SRS008.AES.Encrypt.Function.AdditionalAuthenticationData.Length](#rqsrs008aesencryptfunctionadditionalauthenticationdatalength) + * 4.9.18 [RQ.SRS008.AES.Encrypt.Function.NonGCMMode.KeyAndInitializationVector.Length](#rqsrs008aesencryptfunctionnongcmmodekeyandinitializationvectorlength) + * 4.9.19 [RQ.SRS008.AES.Encrypt.Function.GCMMode.KeyAndInitializationVector.Length](#rqsrs008aesencryptfunctiongcmmodekeyandinitializationvectorlength) + * 4.10 [Decrypt Function](#decrypt-function) + * 4.10.1 [RQ.SRS008.AES.Decrypt.Function](#rqsrs008aesdecryptfunction) + * 4.10.2 [RQ.SRS008.AES.Decrypt.Function.Syntax](#rqsrs008aesdecryptfunctionsyntax) + * 4.10.3 [RQ.SRS008.AES.Decrypt.Function.Parameters.CipherText](#rqsrs008aesdecryptfunctionparametersciphertext) + * 4.10.4 [RQ.SRS008.AES.Decrypt.Function.Parameters.Key](#rqsrs008aesdecryptfunctionparameterskey) + * 4.10.5 [RQ.SRS008.AES.Decrypt.Function.Parameters.Mode](#rqsrs008aesdecryptfunctionparametersmode) + * 4.10.6 [RQ.SRS008.AES.Decrypt.Function.Parameters.Mode.ValuesFormat](#rqsrs008aesdecryptfunctionparametersmodevaluesformat) + * 4.10.7 [RQ.SRS008.AES.Decrypt.Function.Parameters.Mode.Value.Invalid](#rqsrs008aesdecryptfunctionparametersmodevalueinvalid) + * 4.10.8 [RQ.SRS008.AES.Decrypt.Function.Parameters.Mode.Values](#rqsrs008aesdecryptfunctionparametersmodevalues) + * 4.10.9 [RQ.SRS008.AES.Decrypt.Function.Parameters.InitializationVector](#rqsrs008aesdecryptfunctionparametersinitializationvector) + * 4.10.10 [RQ.SRS008.AES.Decrypt.Function.Parameters.AdditionalAuthenticatedData](#rqsrs008aesdecryptfunctionparametersadditionalauthenticateddata) + * 4.10.11 [RQ.SRS008.AES.Decrypt.Function.Parameters.ReturnValue](#rqsrs008aesdecryptfunctionparametersreturnvalue) + * 4.10.12 [RQ.SRS008.AES.Decrypt.Function.Key.Length.InvalidLengthError](#rqsrs008aesdecryptfunctionkeylengthinvalidlengtherror) + * 4.10.13 [RQ.SRS008.AES.Decrypt.Function.InitializationVector.Length.InvalidLengthError](#rqsrs008aesdecryptfunctioninitializationvectorlengthinvalidlengtherror) + * 4.10.14 [RQ.SRS008.AES.Decrypt.Function.InitializationVector.NotValidForMode](#rqsrs008aesdecryptfunctioninitializationvectornotvalidformode) + * 4.10.15 [RQ.SRS008.AES.Decrypt.Function.AdditionalAuthenticationData.NotValidForMode](#rqsrs008aesdecryptfunctionadditionalauthenticationdatanotvalidformode) + * 4.10.16 [RQ.SRS008.AES.Decrypt.Function.AdditionalAuthenticationData.Length](#rqsrs008aesdecryptfunctionadditionalauthenticationdatalength) + * 4.10.17 [RQ.SRS008.AES.Decrypt.Function.NonGCMMode.KeyAndInitializationVector.Length](#rqsrs008aesdecryptfunctionnongcmmodekeyandinitializationvectorlength) + * 4.10.18 [RQ.SRS008.AES.Decrypt.Function.GCMMode.KeyAndInitializationVector.Length](#rqsrs008aesdecryptfunctiongcmmodekeyandinitializationvectorlength) + * 4.11 [MySQL Encrypt Function](#mysql-encrypt-function) + * 4.11.1 [RQ.SRS008.AES.MySQL.Encrypt.Function](#rqsrs008aesmysqlencryptfunction) + * 4.11.2 [RQ.SRS008.AES.MySQL.Encrypt.Function.Syntax](#rqsrs008aesmysqlencryptfunctionsyntax) + * 4.11.3 [RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.PlainText](#rqsrs008aesmysqlencryptfunctionparametersplaintext) + * 4.11.4 [RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.Key](#rqsrs008aesmysqlencryptfunctionparameterskey) + * 4.11.5 [RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.Mode](#rqsrs008aesmysqlencryptfunctionparametersmode) + * 4.11.6 [RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.Mode.ValuesFormat](#rqsrs008aesmysqlencryptfunctionparametersmodevaluesformat) + * 4.11.7 [RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.Mode.Value.Invalid](#rqsrs008aesmysqlencryptfunctionparametersmodevalueinvalid) + * 4.11.8 [RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.Mode.Values](#rqsrs008aesmysqlencryptfunctionparametersmodevalues) + * 4.11.9 [RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.Mode.Values.GCM.Error](#rqsrs008aesmysqlencryptfunctionparametersmodevaluesgcmerror) + * 4.11.10 [RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.Mode.Values.CTR.Error](#rqsrs008aesmysqlencryptfunctionparametersmodevaluesctrerror) + * 4.11.11 [RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.InitializationVector](#rqsrs008aesmysqlencryptfunctionparametersinitializationvector) + * 4.11.12 [RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.ReturnValue](#rqsrs008aesmysqlencryptfunctionparametersreturnvalue) + * 4.11.13 [RQ.SRS008.AES.MySQL.Encrypt.Function.Key.Length.TooShortError](#rqsrs008aesmysqlencryptfunctionkeylengthtooshorterror) + * 4.11.14 [RQ.SRS008.AES.MySQL.Encrypt.Function.Key.Length.TooLong](#rqsrs008aesmysqlencryptfunctionkeylengthtoolong) + * 4.11.15 [RQ.SRS008.AES.MySQL.Encrypt.Function.InitializationVector.Length.TooShortError](#rqsrs008aesmysqlencryptfunctioninitializationvectorlengthtooshorterror) + * 4.11.16 [RQ.SRS008.AES.MySQL.Encrypt.Function.InitializationVector.Length.TooLong](#rqsrs008aesmysqlencryptfunctioninitializationvectorlengthtoolong) + * 4.11.17 [RQ.SRS008.AES.MySQL.Encrypt.Function.InitializationVector.NotValidForMode](#rqsrs008aesmysqlencryptfunctioninitializationvectornotvalidformode) + * 4.11.18 [RQ.SRS008.AES.MySQL.Encrypt.Function.Mode.KeyAndInitializationVector.Length](#rqsrs008aesmysqlencryptfunctionmodekeyandinitializationvectorlength) + * 4.12 [MySQL Decrypt Function](#mysql-decrypt-function) + * 4.12.1 [RQ.SRS008.AES.MySQL.Decrypt.Function](#rqsrs008aesmysqldecryptfunction) + * 4.12.2 [RQ.SRS008.AES.MySQL.Decrypt.Function.Syntax](#rqsrs008aesmysqldecryptfunctionsyntax) + * 4.12.3 [RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.CipherText](#rqsrs008aesmysqldecryptfunctionparametersciphertext) + * 4.12.4 [RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.Key](#rqsrs008aesmysqldecryptfunctionparameterskey) + * 4.12.5 [RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.Mode](#rqsrs008aesmysqldecryptfunctionparametersmode) + * 4.12.6 [RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.Mode.ValuesFormat](#rqsrs008aesmysqldecryptfunctionparametersmodevaluesformat) + * 4.12.7 [RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.Mode.Value.Invalid](#rqsrs008aesmysqldecryptfunctionparametersmodevalueinvalid) + * 4.12.8 [RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.Mode.Values](#rqsrs008aesmysqldecryptfunctionparametersmodevalues) + * 4.12.9 [RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.Mode.Values.GCM.Error](#rqsrs008aesmysqldecryptfunctionparametersmodevaluesgcmerror) + * 4.12.10 [RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.Mode.Values.CTR.Error](#rqsrs008aesmysqldecryptfunctionparametersmodevaluesctrerror) + * 4.12.11 [RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.InitializationVector](#rqsrs008aesmysqldecryptfunctionparametersinitializationvector) + * 4.12.12 [RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.ReturnValue](#rqsrs008aesmysqldecryptfunctionparametersreturnvalue) + * 4.12.13 [RQ.SRS008.AES.MySQL.Decrypt.Function.Key.Length.TooShortError](#rqsrs008aesmysqldecryptfunctionkeylengthtooshorterror) + * 4.12.14 [RQ.SRS008.AES.MySQL.Decrypt.Function.Key.Length.TooLong](#rqsrs008aesmysqldecryptfunctionkeylengthtoolong) + * 4.12.15 [RQ.SRS008.AES.MySQL.Decrypt.Function.InitializationVector.Length.TooShortError](#rqsrs008aesmysqldecryptfunctioninitializationvectorlengthtooshorterror) + * 4.12.16 [RQ.SRS008.AES.MySQL.Decrypt.Function.InitializationVector.Length.TooLong](#rqsrs008aesmysqldecryptfunctioninitializationvectorlengthtoolong) + * 4.12.17 [RQ.SRS008.AES.MySQL.Decrypt.Function.InitializationVector.NotValidForMode](#rqsrs008aesmysqldecryptfunctioninitializationvectornotvalidformode) + * 4.12.18 [RQ.SRS008.AES.MySQL.Decrypt.Function.Mode.KeyAndInitializationVector.Length](#rqsrs008aesmysqldecryptfunctionmodekeyandinitializationvectorlength) * 5 [References](#references) ## Revision History @@ -2030,9 +2055,14 @@ accessed on remote [MySQL] servers via [MySQL Dictionary] or [MySQL Database Eng ## Terminology -* **AES** - +### AES + Advanced Encryption Standard ([AES]) +### AEAD + + Authenticated Encryption with Associated Data + ## Requirements ### Generic @@ -2042,38 +2072,44 @@ version: 1.0 [ClickHouse] SHALL support [AES] encryption functions to encrypt and decrypt data. -#### RQ.SRS008.AES.Functions.Compatability.MySQL +### Compatibility + +#### RQ.SRS008.AES.Functions.Compatibility.MySQL version: 1.0 [ClickHouse] SHALL support [AES] encryption functions compatible with [MySQL 5.7]. -#### RQ.SRS008.AES.Functions.Compatability.Dictionaries +#### RQ.SRS008.AES.Functions.Compatibility.Dictionaries version: 1.0 [ClickHouse] SHALL support encryption and decryption of data accessed on remote [MySQL] servers using [MySQL Dictionary]. -#### RQ.SRS008.AES.Functions.Compatability.Engine.Database.MySQL +#### RQ.SRS008.AES.Functions.Compatibility.Engine.Database.MySQL version: 1.0 [ClickHouse] SHALL support encryption and decryption of data accessed using [MySQL Database Engine], -#### RQ.SRS008.AES.Functions.Compatability.Engine.Table.MySQL +#### RQ.SRS008.AES.Functions.Compatibility.Engine.Table.MySQL version: 1.0 [ClickHouse] SHALL support encryption and decryption of data accessed using [MySQL Table Engine]. -#### RQ.SRS008.AES.Functions.Compatability.TableFunction.MySQL +#### RQ.SRS008.AES.Functions.Compatibility.TableFunction.MySQL version: 1.0 [ClickHouse] SHALL support encryption and decryption of data accessed using [MySQL Table Function]. +### Different Modes + #### RQ.SRS008.AES.Functions.DifferentModes version: 1.0 [ClickHouse] SHALL allow different modes to be supported in a single SQL statement using explicit function parameters. +### Multiple Sources + #### RQ.SRS008.AES.Functions.DataFromMultipleSources version: 1.0 @@ -2082,17 +2118,23 @@ in the `SELECT` statement, including [ClickHouse] [MergeTree] table as well as [ [MySQL Database Engine], [MySQL Table Engine], and [MySQL Table Function] with possibly different encryption schemes. +### Suppressing Sensitive Values + #### RQ.SRS008.AES.Functions.SuppressOutputOfSensitiveValues version: 1.0 [ClickHouse] SHALL suppress output of [AES] `string` and `key` parameters to the system log, error log, and `query_log` table to prevent leakage of sensitive values. +### Invalid Parameters + #### RQ.SRS008.AES.Functions.InvalidParameters version: 1.0 [ClickHouse] SHALL return an error when parameters are invalid. +### Mismatched Values + #### RQ.SRS008.AES.Functions.Mismatched.Key version: 1.0 @@ -2113,6 +2155,8 @@ version: 1.0 [ClickHouse] SHALL return an error or garbage for mismatched mode. +### Performance + #### RQ.SRS008.AES.Functions.Check.Performance version: 1.0 @@ -2141,7 +2185,7 @@ version: 1.0 Effect of [AES] encryption on the compression of a column with [LowCardinality] data type SHALL be measured. -### Specific +### Encrypt Function #### RQ.SRS008.AES.Encrypt.Function version: 1.0 @@ -2163,21 +2207,23 @@ version: 1.0 [ClickHouse] `encrypt` function output SHALL produce output that matches [NIST test vectors]. #### RQ.SRS008.AES.Encrypt.Function.Parameters.PlainText -version: 1.0 +version: 2.0 + +[ClickHouse] SHALL support `plaintext` with `String`, `FixedString`, `Nullable(String)`, +`Nullable(FixedString)`, `LowCardinality(String)`, or `LowCardinality(FixedString(N))` data types as +the second parameter to the `encrypt` function that SHALL specify the data to be encrypted. -[ClickHouse] SHALL support `plaintext` accepting any data type as -the first parameter to the `encrypt` function that SHALL specify the data to be encrypted. #### RQ.SRS008.AES.Encrypt.Function.Parameters.Key version: 1.0 [ClickHouse] SHALL support `key` with `String` or `FixedString` data types -as the second parameter to the `encrypt` function that SHALL specify the encryption key. +as the parameter to the `encrypt` function that SHALL specify the encryption key. #### RQ.SRS008.AES.Encrypt.Function.Parameters.Mode version: 1.0 -[ClickHouse] SHALL support `mode` with `String` or `FixedString` data types as the third parameter +[ClickHouse] SHALL support `mode` with `String` or `FixedString` data types as the first parameter to the `encrypt` function that SHALL specify encryption key length and block encryption mode. #### RQ.SRS008.AES.Encrypt.Function.Parameters.Mode.ValuesFormat @@ -2216,13 +2262,13 @@ of the `encrypt` function: * `aes-192-ofb` that SHALL use [OFB] block mode encryption with 192 bit key * `aes-256-ofb` that SHALL use [OFB] block mode encryption with 256 bit key * `aes-128-gcm` that SHALL use [GCM] block mode encryption with 128 bit key - and `AEAD` 16-byte tag is appended to the resulting ciphertext according to + and [AEAD] 16-byte tag is appended to the resulting ciphertext according to the [RFC5116] * `aes-192-gcm` that SHALL use [GCM] block mode encryption with 192 bit key - and `AEAD` 16-byte tag is appended to the resulting ciphertext according to + and [AEAD] 16-byte tag is appended to the resulting ciphertext according to the [RFC5116] * `aes-256-gcm` that SHALL use [GCM] block mode encryption with 256 bit key - and `AEAD` 16-byte tag is appended to the resulting ciphertext according to + and [AEAD] 16-byte tag is appended to the resulting ciphertext according to the [RFC5116] * `aes-128-ctr` that SHALL use [CTR] block mode encryption with 128 bit key * `aes-192-ctr` that SHALL use [CTR] block mode encryption with 192 bit key @@ -2311,6 +2357,8 @@ when using GCM modes * `aes-192-gcm` mode and `key` is not 24 bytes or `iv` is not specified * `aes-256-gcm` mode and `key` is not 32 bytes or `iv` is not specified +### Decrypt Function + #### RQ.SRS008.AES.Decrypt.Function version: 1.0 @@ -2329,18 +2377,18 @@ decrypt(mode, ciphertext, key, [iv, aad]) version: 1.0 [ClickHouse] SHALL support `ciphertext` accepting `FixedString` or `String` data types as -the first parameter to the `decrypt` function that SHALL specify the data to be decrypted. +the second parameter to the `decrypt` function that SHALL specify the data to be decrypted. #### RQ.SRS008.AES.Decrypt.Function.Parameters.Key version: 1.0 [ClickHouse] SHALL support `key` with `String` or `FixedString` data types -as the second parameter to the `decrypt` function that SHALL specify the encryption key. +as the third parameter to the `decrypt` function that SHALL specify the encryption key. #### RQ.SRS008.AES.Decrypt.Function.Parameters.Mode version: 1.0 -[ClickHouse] SHALL support `mode` with `String` or `FixedString` data types as the third parameter +[ClickHouse] SHALL support `mode` with `String` or `FixedString` data types as the first parameter to the `decrypt` function that SHALL specify encryption key length and block encryption mode. #### RQ.SRS008.AES.Decrypt.Function.Parameters.Mode.ValuesFormat @@ -2419,7 +2467,7 @@ version: 1.0 #### RQ.SRS008.AES.Decrypt.Function.InitializationVector.Length.InvalidLengthError version: 1.0 -[ClickHouse] SHALL return an error if the `iv` is speficified and the length is not exact for the `decrypt` function for a given block mode. +[ClickHouse] SHALL return an error if the `iv` is specified and the length is not exact for the `decrypt` function for a given block mode. #### RQ.SRS008.AES.Decrypt.Function.InitializationVector.NotValidForMode version: 1.0 @@ -2476,7 +2524,7 @@ when using GCM modes * `aes-192-gcm` mode and `key` is not 24 bytes or `iv` is not specified * `aes-256-gcm` mode and `key` is not 32 bytes or `iv` is not specified -### MySQL Specific Functions +### MySQL Encrypt Function #### RQ.SRS008.AES.MySQL.Encrypt.Function version: 1.0 @@ -2493,21 +2541,22 @@ aes_encrypt_mysql(mode, plaintext, key, [iv]) ``` #### RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.PlainText -version: 1.0 +version: 2.0 -[ClickHouse] SHALL support `plaintext` accepting any data type as -the first parameter to the `aes_encrypt_mysql` function that SHALL specify the data to be encrypted. +[ClickHouse] SHALL support `plaintext` with `String`, `FixedString`, `Nullable(String)`, +`Nullable(FixedString)`, `LowCardinality(String)`, or `LowCardinality(FixedString(N))` data types as +the second parameter to the `aes_encrypt_mysql` function that SHALL specify the data to be encrypted. #### RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.Key version: 1.0 [ClickHouse] SHALL support `key` with `String` or `FixedString` data types -as the second parameter to the `aes_encrypt_mysql` function that SHALL specify the encryption key. +as the third parameter to the `aes_encrypt_mysql` function that SHALL specify the encryption key. #### RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.Mode version: 1.0 -[ClickHouse] SHALL support `mode` with `String` or `FixedString` data types as the third parameter +[ClickHouse] SHALL support `mode` with `String` or `FixedString` data types as the first parameter to the `aes_encrypt_mysql` function that SHALL specify encryption key length and block encryption mode. #### RQ.SRS008.AES.MySQL.Encrypt.Function.Parameters.Mode.ValuesFormat @@ -2642,6 +2691,8 @@ version: 1.0 * `aes-192-ofb` mode and `key` is less than 24 bytes or if specified `iv` is less than 16 bytes * `aes-256-ofb` mode and `key` is less than 32 bytes or if specified `iv` is less than 16 bytes +### MySQL Decrypt Function + #### RQ.SRS008.AES.MySQL.Decrypt.Function version: 1.0 @@ -2660,18 +2711,18 @@ aes_decrypt_mysql(mode, ciphertext, key, [iv]) version: 1.0 [ClickHouse] SHALL support `ciphertext` accepting any data type as -the first parameter to the `aes_decrypt_mysql` function that SHALL specify the data to be decrypted. +the second parameter to the `aes_decrypt_mysql` function that SHALL specify the data to be decrypted. #### RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.Key version: 1.0 [ClickHouse] SHALL support `key` with `String` or `FixedString` data types -as the second parameter to the `aes_decrypt_mysql` function that SHALL specify the encryption key. +as the third parameter to the `aes_decrypt_mysql` function that SHALL specify the encryption key. #### RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.Mode version: 1.0 -[ClickHouse] SHALL support `mode` with `String` or `FixedString` data types as the third parameter +[ClickHouse] SHALL support `mode` with `String` or `FixedString` data types as the first parameter to the `aes_decrypt_mysql` function that SHALL specify encryption key length and block encryption mode. #### RQ.SRS008.AES.MySQL.Decrypt.Function.Parameters.Mode.ValuesFormat @@ -2814,6 +2865,7 @@ version: 1.0 * **ClickHouse:** https://clickhouse.tech * **Git:** https://git-scm.com/ +[AEAD]: #aead [OpenSSL]: https://www.openssl.org/ [LowCardinality]: https://clickhouse.tech/docs/en/sql-reference/data-types/lowcardinality/ [MergeTree]: https://clickhouse.tech/docs/en/engines/table-engines/mergetree-family/mergetree/ diff --git a/tests/testflows/aes_encryption/tests/common.py b/tests/testflows/aes_encryption/tests/common.py index 10e98dd1065..5a6e34f59fd 100644 --- a/tests/testflows/aes_encryption/tests/common.py +++ b/tests/testflows/aes_encryption/tests/common.py @@ -106,6 +106,7 @@ plaintexts = [ ("DateTime", "reinterpretAsFixedString(toDateTime('2020-01-01 20:01:02'))"), ("DateTime64", "reinterpretAsFixedString(toDateTime64('2020-01-01 20:01:02.123', 3))"), ("LowCardinality", "toLowCardinality('1')"), + ("LowCardinalityFixedString", "toLowCardinality(toFixedString('1',2))"), #("Array", "[1,2]"), - not supported #("Tuple", "(1,'a')") - not supported ("NULL", "reinterpretAsFixedString(toDateOrNull('foo'))"), diff --git a/tests/testflows/aes_encryption/tests/encrypt.py b/tests/testflows/aes_encryption/tests/encrypt.py index 8f88712b44d..e6562dc51f5 100644 --- a/tests/testflows/aes_encryption/tests/encrypt.py +++ b/tests/testflows/aes_encryption/tests/encrypt.py @@ -309,7 +309,7 @@ def mode_parameter_types(self): @TestScenario @Requirements( - RQ_SRS008_AES_Encrypt_Function_Parameters_PlainText("1.0"), + RQ_SRS008_AES_Encrypt_Function_Parameters_PlainText("2.0"), RQ_SRS008_AES_Encrypt_Function_Parameters_Mode("1.0"), RQ_SRS008_AES_Encrypt_Function_Parameters_Mode_ValuesFormat("1.0"), RQ_SRS008_AES_Encrypt_Function_Parameters_Mode_Values("1.0") diff --git a/tests/testflows/aes_encryption/tests/encrypt_mysql.py b/tests/testflows/aes_encryption/tests/encrypt_mysql.py index f44ae7d108f..89d000d83be 100644 --- a/tests/testflows/aes_encryption/tests/encrypt_mysql.py +++ b/tests/testflows/aes_encryption/tests/encrypt_mysql.py @@ -265,7 +265,7 @@ def syntax(self): @TestScenario @Requirements( - RQ_SRS008_AES_MySQL_Encrypt_Function_Parameters_PlainText("1.0"), + RQ_SRS008_AES_MySQL_Encrypt_Function_Parameters_PlainText("2.0"), RQ_SRS008_AES_MySQL_Encrypt_Function_Parameters_Mode("1.0"), RQ_SRS008_AES_MySQL_Encrypt_Function_Parameters_Mode_ValuesFormat("1.0"), RQ_SRS008_AES_MySQL_Encrypt_Function_Parameters_Mode_Values("1.0") diff --git a/tests/testflows/aes_encryption/tests/snapshots/encrypt.py.encrypt.snapshot b/tests/testflows/aes_encryption/tests/snapshots/encrypt.py.encrypt.snapshot index 953c46f50a4..a46ab3c3cb5 100644 --- a/tests/testflows/aes_encryption/tests/snapshots/encrypt.py.encrypt.snapshot +++ b/tests/testflows/aes_encryption/tests/snapshots/encrypt.py.encrypt.snapshot @@ -2338,3 +2338,69 @@ example_mode_aes_256_ctr_datatype_NullableFixedString_iv_16_aad_None = r"""'5858 example_mode_aes_256_ctr_datatype_NullableFixedStringNull_iv_16_aad_None = r"""'\\N'""" +example_mode_aes_128_ecb_datatype_LowCardinalityFixedString_iv_None_aad_None = r"""'2320D8B0C3FF2AF0C808CE333688FEE4'""" + +example_mode_aes_192_ecb_datatype_LowCardinalityFixedString_iv_None_aad_None = r"""'145EF1DA49622900B742743B4114C3F8'""" + +example_mode_aes_256_ecb_datatype_LowCardinalityFixedString_iv_None_aad_None = r"""'BB44E0A5A23B06C6F78D05CF12E4A304'""" + +example_mode_aes_128_cbc_datatype_LowCardinalityFixedString_iv_None_aad_None = r"""'2320D8B0C3FF2AF0C808CE333688FEE4'""" + +example_mode_aes_192_cbc_datatype_LowCardinalityFixedString_iv_None_aad_None = r"""'145EF1DA49622900B742743B4114C3F8'""" + +example_mode_aes_256_cbc_datatype_LowCardinalityFixedString_iv_None_aad_None = r"""'BB44E0A5A23B06C6F78D05CF12E4A304'""" + +example_mode_aes_128_cbc_datatype_LowCardinalityFixedString_iv_16_aad_None = r"""'ECE42AF0000893B1D1A43993506376A4'""" + +example_mode_aes_192_cbc_datatype_LowCardinalityFixedString_iv_16_aad_None = r"""'0A8E8BA80EB490740B91937D4A5FF84C'""" + +example_mode_aes_256_cbc_datatype_LowCardinalityFixedString_iv_16_aad_None = r"""'4A3A13D0807C29D4FA9CAEE6B9A67E7D'""" + +example_mode_aes_128_cfb128_datatype_LowCardinalityFixedString_iv_None_aad_None = r"""'21DF'""" + +example_mode_aes_192_cfb128_datatype_LowCardinalityFixedString_iv_None_aad_None = r"""'36B7'""" + +example_mode_aes_256_cfb128_datatype_LowCardinalityFixedString_iv_None_aad_None = r"""'818E'""" + +example_mode_aes_128_cfb128_datatype_LowCardinalityFixedString_iv_16_aad_None = r"""'0388'""" + +example_mode_aes_192_cfb128_datatype_LowCardinalityFixedString_iv_16_aad_None = r"""'59C7'""" + +example_mode_aes_256_cfb128_datatype_LowCardinalityFixedString_iv_16_aad_None = r"""'5858'""" + +example_mode_aes_128_ofb_datatype_LowCardinalityFixedString_iv_None_aad_None = r"""'21DF'""" + +example_mode_aes_192_ofb_datatype_LowCardinalityFixedString_iv_None_aad_None = r"""'36B7'""" + +example_mode_aes_256_ofb_datatype_LowCardinalityFixedString_iv_None_aad_None = r"""'818E'""" + +example_mode_aes_128_ofb_datatype_LowCardinalityFixedString_iv_16_aad_None = r"""'0388'""" + +example_mode_aes_192_ofb_datatype_LowCardinalityFixedString_iv_16_aad_None = r"""'59C7'""" + +example_mode_aes_256_ofb_datatype_LowCardinalityFixedString_iv_16_aad_None = r"""'5858'""" + +example_mode_aes_128_gcm_datatype_LowCardinalityFixedString_iv_12_aad_None = r"""'DC9659BBB6F4D4C40DCD095F1FD69A4E5B9C'""" + +example_mode_aes_192_gcm_datatype_LowCardinalityFixedString_iv_12_aad_None = r"""'7BFA19E7769CC955EDD39D806A13BF6AF8E3'""" + +example_mode_aes_256_gcm_datatype_LowCardinalityFixedString_iv_12_aad_None = r"""'67CB36E371A5C5F544B1EFEC353A84FE0B2F'""" + +example_mode_aes_128_gcm_datatype_LowCardinalityFixedString_iv_12_aad_True = r"""'DC96EBF2E338CDC4D6F8B490ACE77BB6FB40'""" + +example_mode_aes_192_gcm_datatype_LowCardinalityFixedString_iv_12_aad_True = r"""'7BFA9A2913F05BBB8DB441C2D67E06FD46F8'""" + +example_mode_aes_256_gcm_datatype_LowCardinalityFixedString_iv_12_aad_True = r"""'67CBA4772AA9C9C17819F647FA5CBE2E5715'""" + +example_mode_aes_128_ctr_datatype_LowCardinalityFixedString_iv_None_aad_None = r"""'21DF'""" + +example_mode_aes_192_ctr_datatype_LowCardinalityFixedString_iv_None_aad_None = r"""'36B7'""" + +example_mode_aes_256_ctr_datatype_LowCardinalityFixedString_iv_None_aad_None = r"""'818E'""" + +example_mode_aes_128_ctr_datatype_LowCardinalityFixedString_iv_16_aad_None = r"""'0388'""" + +example_mode_aes_192_ctr_datatype_LowCardinalityFixedString_iv_16_aad_None = r"""'59C7'""" + +example_mode_aes_256_ctr_datatype_LowCardinalityFixedString_iv_16_aad_None = r"""'5858'""" + diff --git a/tests/testflows/aes_encryption/tests/snapshots/encrypt_mysql.py.encrypt_mysql.snapshot b/tests/testflows/aes_encryption/tests/snapshots/encrypt_mysql.py.encrypt_mysql.snapshot index 9dee5d818d6..32ab15386a1 100644 --- a/tests/testflows/aes_encryption/tests/snapshots/encrypt_mysql.py.encrypt_mysql.snapshot +++ b/tests/testflows/aes_encryption/tests/snapshots/encrypt_mysql.py.encrypt_mysql.snapshot @@ -2242,3 +2242,69 @@ example_mode_aes_256_ofb_datatype_NullableFixedString_key_64_iv_64 = r"""'E2EE'" example_mode_aes_256_ofb_datatype_NullableFixedStringNull_key_64_iv_64 = r"""'\\N'""" +example_mode_aes_128_ecb_datatype_LowCardinalityFixedString_key_16_iv_None = r"""'2320D8B0C3FF2AF0C808CE333688FEE4'""" + +example_mode_aes_128_ecb_datatype_LowCardinalityFixedString_key_24_iv_None = r"""'824777897B48FB42AE19EBF2835AE5BA'""" + +example_mode_aes_192_ecb_datatype_LowCardinalityFixedString_key_24_iv_None = r"""'145EF1DA49622900B742743B4114C3F8'""" + +example_mode_aes_192_ecb_datatype_LowCardinalityFixedString_key_32_iv_None = r"""'24268978B72821002456FF2204B0F9B9'""" + +example_mode_aes_256_ecb_datatype_LowCardinalityFixedString_key_32_iv_None = r"""'BB44E0A5A23B06C6F78D05CF12E4A304'""" + +example_mode_aes_256_ecb_datatype_LowCardinalityFixedString_key_64_iv_None = r"""'F2FACC4703F559D74555D10CA4850F40'""" + +example_mode_aes_128_cbc_datatype_LowCardinalityFixedString_key_16_iv_None = r"""'2320D8B0C3FF2AF0C808CE333688FEE4'""" + +example_mode_aes_192_cbc_datatype_LowCardinalityFixedString_key_24_iv_None = r"""'145EF1DA49622900B742743B4114C3F8'""" + +example_mode_aes_256_cbc_datatype_LowCardinalityFixedString_key_32_iv_None = r"""'BB44E0A5A23B06C6F78D05CF12E4A304'""" + +example_mode_aes_128_cbc_datatype_LowCardinalityFixedString_key_16_iv_16 = r"""'ECE42AF0000893B1D1A43993506376A4'""" + +example_mode_aes_128_cbc_datatype_LowCardinalityFixedString_key_24_iv_24 = r"""'C55AC3DA9276DBF066AC408BFCF011DD'""" + +example_mode_aes_192_cbc_datatype_LowCardinalityFixedString_key_24_iv_16 = r"""'0A8E8BA80EB490740B91937D4A5FF84C'""" + +example_mode_aes_192_cbc_datatype_LowCardinalityFixedString_key_32_iv_32 = r"""'723C4EB7399AE6F019109651B376A111'""" + +example_mode_aes_256_cbc_datatype_LowCardinalityFixedString_key_32_iv_16 = r"""'4A3A13D0807C29D4FA9CAEE6B9A67E7D'""" + +example_mode_aes_256_cbc_datatype_LowCardinalityFixedString_key_64_iv_64 = r"""'5547B945A6810130CFC689C22530FA26'""" + +example_mode_aes_128_cfb128_datatype_LowCardinalityFixedString_key_16_iv_None = r"""'21DF'""" + +example_mode_aes_192_cfb128_datatype_LowCardinalityFixedString_key_24_iv_None = r"""'36B7'""" + +example_mode_aes_256_cfb128_datatype_LowCardinalityFixedString_key_32_iv_None = r"""'818E'""" + +example_mode_aes_128_cfb128_datatype_LowCardinalityFixedString_key_16_iv_16 = r"""'0388'""" + +example_mode_aes_128_cfb128_datatype_LowCardinalityFixedString_key_24_iv_24 = r"""'6A77'""" + +example_mode_aes_192_cfb128_datatype_LowCardinalityFixedString_key_24_iv_16 = r"""'59C7'""" + +example_mode_aes_192_cfb128_datatype_LowCardinalityFixedString_key_32_iv_32 = r"""'00A0'""" + +example_mode_aes_256_cfb128_datatype_LowCardinalityFixedString_key_32_iv_16 = r"""'5858'""" + +example_mode_aes_256_cfb128_datatype_LowCardinalityFixedString_key_64_iv_64 = r"""'E2EE'""" + +example_mode_aes_128_ofb_datatype_LowCardinalityFixedString_key_16_iv_None = r"""'21DF'""" + +example_mode_aes_192_ofb_datatype_LowCardinalityFixedString_key_24_iv_None = r"""'36B7'""" + +example_mode_aes_256_ofb_datatype_LowCardinalityFixedString_key_32_iv_None = r"""'818E'""" + +example_mode_aes_128_ofb_datatype_LowCardinalityFixedString_key_16_iv_16 = r"""'0388'""" + +example_mode_aes_128_ofb_datatype_LowCardinalityFixedString_key_24_iv_24 = r"""'6A77'""" + +example_mode_aes_192_ofb_datatype_LowCardinalityFixedString_key_24_iv_16 = r"""'59C7'""" + +example_mode_aes_192_ofb_datatype_LowCardinalityFixedString_key_32_iv_32 = r"""'00A0'""" + +example_mode_aes_256_ofb_datatype_LowCardinalityFixedString_key_32_iv_16 = r"""'5858'""" + +example_mode_aes_256_ofb_datatype_LowCardinalityFixedString_key_64_iv_64 = r"""'E2EE'""" +