Merge pull request #38139 from ClickHouse/Avogar-patch-5

Fix docs about encryption functions
2024-11-22 07:31:57 +00:00 · 2022-06-18 04:10:24 +03:00 · 2022-06-18 04:10:24 +03:00 · 9d6c6b5e13
commit 9d6c6b5e13
parent 1b9a47f825 489765aa6d
2 changed files with 86 additions and 86 deletions
--- a/docs/en/sql-reference/functions/encryption-functions.md
+++ b/docs/en/sql-reference/functions/encryption-functions.md
@ -19,11 +19,10 @@ This function encrypts data using these modes:

 -   aes-128-ecb, aes-192-ecb, aes-256-ecb
 -   aes-128-cbc, aes-192-cbc, aes-256-cbc
-   aes-128-cfb1, aes-192-cfb1, aes-256-cfb1
-   aes-128-cfb8, aes-192-cfb8, aes-256-cfb8
-   aes-128-cfb128, aes-192-cfb128, aes-256-cfb128
+-   aes-128-cfb128
 -   aes-128-ofb, aes-192-ofb, aes-256-ofb
 -   aes-128-gcm, aes-192-gcm, aes-256-gcm
+-   aes-128-ctr, aes-192-ctr, aes-256-ctr

 **Syntax**

@ -63,9 +62,9 @@ Insert some data (please avoid storing the keys/ivs in the database as this unde
 Query:

 ``` sql
-INSERT INTO encryption_test VALUES('aes-256-cfb128 no IV', encrypt('aes-256-cfb128', 'Secret', '12345678910121314151617181920212')),\
-('aes-256-cfb128 no IV, different key', encrypt('aes-256-cfb128', 'Secret', 'keykeykeykeykeykeykeykeykeykeyke')),\
-('aes-256-cfb128 with IV', encrypt('aes-256-cfb128', 'Secret', '12345678910121314151617181920212', 'iviviviviviviviv')),\
+INSERT INTO encryption_test VALUES('aes-256-ofb no IV', encrypt('aes-256-ofb', 'Secret', '12345678910121314151617181920212')),\
+('aes-256-ofb no IV, different key', encrypt('aes-256-ofb', 'Secret', 'keykeykeykeykeykeykeykeykeykeyke')),\
+('aes-256-ofb with IV', encrypt('aes-256-ofb', 'Secret', '12345678910121314151617181920212', 'iviviviviviviviv')),\
 ('aes-256-cbc no IV', encrypt('aes-256-cbc', 'Secret', '12345678910121314151617181920212'));
 ```

@ -78,12 +77,12 @@ SELECT comment, hex(secret) FROM encryption_test;
 Result:

 ``` text
-┌─comment─────────────────────────────┬─hex(secret)──────────────────────┐
-│ aes-256-cfb128 no IV                │ B4972BDC4459                     │
-│ aes-256-cfb128 no IV, different key │ 2FF57C092DC9                     │
-│ aes-256-cfb128 with IV              │ 5E6CB398F653                     │
-│ aes-256-cbc no IV                   │ 1BC0629A92450D9E73A00E7D02CF4142 │
-└─────────────────────────────────────┴──────────────────────────────────┘
+┌─comment──────────────────────────┬─hex(secret)──────────────────────┐
+│ aes-256-ofb no IV                │ B4972BDC4459                     │
+│ aes-256-ofb no IV, different key │ 2FF57C092DC9                     │
+│ aes-256-ofb with IV              │ 5E6CB398F653                     │
+│ aes-256-cbc no IV                │ 1BC0629A92450D9E73A00E7D02CF4142 │
+└──────────────────────────────────┴──────────────────────────────────┘
 ```

 Example with `-gcm`:
@ -116,9 +115,7 @@ Supported encryption modes:

 -   aes-128-ecb, aes-192-ecb, aes-256-ecb
 -   aes-128-cbc, aes-192-cbc, aes-256-cbc
-   aes-128-cfb1, aes-192-cfb1, aes-256-cfb1
-   aes-128-cfb8, aes-192-cfb8, aes-256-cfb8
-   aes-128-cfb128, aes-192-cfb128, aes-256-cfb128
+-   aes-128-cfb128
 -   aes-128-ofb, aes-192-ofb, aes-256-ofb

 **Syntax**
@ -145,7 +142,7 @@ Given equal input `encrypt` and `aes_encrypt_mysql` produce the same ciphertext:
 Query:

 ``` sql
-SELECT encrypt('aes-256-cfb128', 'Secret', '12345678910121314151617181920212', 'iviviviviviviviv') = aes_encrypt_mysql('aes-256-cfb128', 'Secret', '12345678910121314151617181920212', 'iviviviviviviviv') AS ciphertexts_equal;
+SELECT encrypt('aes-256-ofb', 'Secret', '12345678910121314151617181920212', 'iviviviviviviviv') = aes_encrypt_mysql('aes-256-ofb', 'Secret', '12345678910121314151617181920212', 'iviviviviviviviv') AS ciphertexts_equal;
 ```

 Result:
@ -161,14 +158,14 @@ But `encrypt` fails when `key` or `iv` is longer than expected:
 Query:

 ``` sql
-SELECT encrypt('aes-256-cfb128', 'Secret', '123456789101213141516171819202122', 'iviviviviviviviv123');
+SELECT encrypt('aes-256-ofb', 'Secret', '123456789101213141516171819202122', 'iviviviviviviviv123');
 ```

 Result:

 ``` text
-Received exception from server (version 21.1.2):
-Code: 36. DB::Exception: Received from localhost:9000. DB::Exception: Invalid key size: 33 expected 32: While processing encrypt('aes-256-cfb128', 'Secret', '123456789101213141516171819202122', 'iviviviviviviviv123').
+Received exception from server (version 22.6.1):
+Code: 36. DB::Exception: Received from localhost:9000. DB::Exception: Invalid key size: 33 expected 32: While processing encrypt('aes-256-ofb', 'Secret', '123456789101213141516171819202122', 'iviviviviviviviv123').
 ```

 While `aes_encrypt_mysql` produces MySQL-compatitalbe output:
@ -176,7 +173,7 @@ While `aes_encrypt_mysql` produces MySQL-compatitalbe output:
 Query:

 ``` sql
-SELECT hex(aes_encrypt_mysql('aes-256-cfb128', 'Secret', '123456789101213141516171819202122', 'iviviviviviviviv123')) AS ciphertext;
+SELECT hex(aes_encrypt_mysql('aes-256-ofb', 'Secret', '123456789101213141516171819202122', 'iviviviviviviviv123')) AS ciphertext;
 ```

 Result:
@ -192,7 +189,7 @@ Notice how supplying even longer `IV` produces the same result
 Query:

 ``` sql
-SELECT hex(aes_encrypt_mysql('aes-256-cfb128', 'Secret', '123456789101213141516171819202122', 'iviviviviviviviv123456')) AS ciphertext
+SELECT hex(aes_encrypt_mysql('aes-256-ofb', 'Secret', '123456789101213141516171819202122', 'iviviviviviviviv123456')) AS ciphertext
 ```

 Result:
@ -206,7 +203,7 @@ Result:
 Which is binary equal to what MySQL produces on same inputs:

 ``` sql
-mysql> SET  block_encryption_mode='aes-256-cfb128';
+mysql> SET  block_encryption_mode='aes-256-ofb';
 Query OK, 0 rows affected (0.00 sec)

 mysql> SELECT aes_encrypt('Secret', '123456789101213141516171819202122', 'iviviviviviviviv123456') as ciphertext;
@ -224,11 +221,10 @@ This function decrypts ciphertext into a plaintext using these modes:

 -   aes-128-ecb, aes-192-ecb, aes-256-ecb
 -   aes-128-cbc, aes-192-cbc, aes-256-cbc
-   aes-128-cfb1, aes-192-cfb1, aes-256-cfb1
-   aes-128-cfb8, aes-192-cfb8, aes-256-cfb8
-   aes-128-cfb128, aes-192-cfb128, aes-256-cfb128
+-   aes-128-cfb128
 -   aes-128-ofb, aes-192-ofb, aes-256-ofb
 -   aes-128-gcm, aes-192-gcm, aes-256-gcm
+-   aes-128-ctr, aes-192-ctr, aes-256-ctr

 **Syntax**

@ -265,12 +261,12 @@ Result:
 │ aes-256-gcm          │ A8A3CCBC6426CFEEB60E4EAE03D3E94204C1B09E0254 │
 │ aes-256-gcm with AAD │ A8A3CCBC6426D9A1017A0A932322F1852260A4AD6837 │
 └──────────────────────┴──────────────────────────────────────────────┘
-┌─comment─────────────────────────────┬─hex(secret)──────────────────────┐
-│ aes-256-cfb128 no IV                │ B4972BDC4459                     │
-│ aes-256-cfb128 no IV, different key │ 2FF57C092DC9                     │
-│ aes-256-cfb128 with IV              │ 5E6CB398F653                     │
-│ aes-256-cbc no IV                   │ 1BC0629A92450D9E73A00E7D02CF4142 │
-└─────────────────────────────────────┴──────────────────────────────────┘
+┌─comment──────────────────────────┬─hex(secret)──────────────────────┐
+│ aes-256-ofb no IV                │ B4972BDC4459                     │
+│ aes-256-ofb no IV, different key │ 2FF57C092DC9                     │
+│ aes-256-ofb with IV              │ 5E6CB398F653                     │
+│ aes-256-cbc no IV                │ 1BC0629A92450D9E73A00E7D02CF4142 │
+└──────────────────────────────────┴──────────────────────────────────┘
 ```

 Now let's try to decrypt all that data.
@ -284,13 +280,19 @@ SELECT comment, decrypt('aes-256-cfb128', secret, '12345678910121314151617181920
 Result:

 ``` text
-┌─comment─────────────────────────────┬─plaintext─┐
-│ aes-256-cfb128 no IV                │ Secret    │
-│ aes-256-cfb128 no IV, different key │ <20>4<EFBFBD>
-                                           <20>         │
-│ aes-256-cfb128 with IV              │ <20><><EFBFBD>6<EFBFBD>~        │
- │aes-256-cbc no IV                   │ <20>2*4<>h3c<33>4w<34><77>@
-└─────────────────────────────────────┴───────────┘
+┌─comment──────────────┬─plaintext──┐
+│ aes-256-gcm          │ OQ<4F>E
+                             <20>t<EFBFBD>7T<37>\<5C><><EFBFBD>\<5C>   │
+│ aes-256-gcm with AAD │ OQ<4F>E
+                             <20>\<5C><>si<73><69><EFBFBD><EFBFBD>;<3B>o<EFBFBD><6F> │
+└──────────────────────┴────────────┘
+┌─comment──────────────────────────┬─plaintext─┐
+│ aes-256-ofb no IV                │ Secret    │
+│ aes-256-ofb no IV, different key │ <20>4<EFBFBD>
+                                        <20>         │
+│ aes-256-ofb with IV              │ <20><><EFBFBD>6<EFBFBD>~        │
+ │aes-256-cbc no IV                │ <20>2*4<>h3c<33>4w<34><77>@
+└──────────────────────────────────┴───────────┘
 ```

 Notice how only a portion of the data was properly decrypted, and the rest is gibberish since either `mode`, `key`, or `iv` were different upon encryption.
@ -305,9 +307,7 @@ Supported decryption modes:

 -   aes-128-ecb, aes-192-ecb, aes-256-ecb
 -   aes-128-cbc, aes-192-cbc, aes-256-cbc
-   aes-128-cfb1, aes-192-cfb1, aes-256-cfb1
-   aes-128-cfb8, aes-192-cfb8, aes-256-cfb8
-   aes-128-cfb128, aes-192-cfb128, aes-256-cfb128
+-   aes-128-cfb128
 -   aes-128-ofb, aes-192-ofb, aes-256-ofb

 **Syntax**
@ -332,7 +332,7 @@ aes_decrypt_mysql('mode', 'ciphertext', 'key' [, iv])
 Let's decrypt data we've previously encrypted with MySQL:

 ``` sql
-mysql> SET  block_encryption_mode='aes-256-cfb128';
+mysql> SET  block_encryption_mode='aes-256-ofb';
 Query OK, 0 rows affected (0.00 sec)

 mysql> SELECT aes_encrypt('Secret', '123456789101213141516171819202122', 'iviviviviviviviv123456') as ciphertext;
@ -347,7 +347,7 @@ mysql> SELECT aes_encrypt('Secret', '123456789101213141516171819202122', 'iviviv
 Query:

 ``` sql
-SELECT aes_decrypt_mysql('aes-256-cfb128', unhex('24E9E4966469'), '123456789101213141516171819202122', 'iviviviviviviviv123456') AS plaintext
+SELECT aes_decrypt_mysql('aes-256-ofb', unhex('24E9E4966469'), '123456789101213141516171819202122', 'iviviviviviviviv123456') AS plaintext
 ```

 Result:
--- a/docs/ru/sql-reference/functions/encryption-functions.md
+++ b/docs/ru/sql-reference/functions/encryption-functions.md
@ -19,11 +19,10 @@ sidebar_label: "Функции для шифрования"

 -   aes-128-ecb, aes-192-ecb, aes-256-ecb
 -   aes-128-cbc, aes-192-cbc, aes-256-cbc
-   aes-128-cfb1, aes-192-cfb1, aes-256-cfb1
-   aes-128-cfb8, aes-192-cfb8, aes-256-cfb8
-   aes-128-cfb128, aes-192-cfb128, aes-256-cfb128
+-   aes-128-cfb128
 -   aes-128-ofb, aes-192-ofb, aes-256-ofb
 -   aes-128-gcm, aes-192-gcm, aes-256-gcm
+-   aes-128-ctr, aes-192-ctr, aes-256-ctr

 **Синтаксис**

@ -63,9 +62,9 @@ ENGINE = Memory;
 Запрос:

 ``` sql
-INSERT INTO encryption_test VALUES('aes-256-cfb128 no IV', encrypt('aes-256-cfb128', 'Secret', '12345678910121314151617181920212')),\
-('aes-256-cfb128 no IV, different key', encrypt('aes-256-cfb128', 'Secret', 'keykeykeykeykeykeykeykeykeykeyke')),\
-('aes-256-cfb128 with IV', encrypt('aes-256-cfb128', 'Secret', '12345678910121314151617181920212', 'iviviviviviviviv')),\
+INSERT INTO encryption_test VALUES('aes-256-ofb no IV', encrypt('aes-256-ofb', 'Secret', '12345678910121314151617181920212')),\
+('aes-256-ofb no IV, different key', encrypt('aes-256-ofb', 'Secret', 'keykeykeykeykeykeykeykeykeykeyke')),\
+('aes-256-ofb with IV', encrypt('aes-256-ofb', 'Secret', '12345678910121314151617181920212', 'iviviviviviviviv')),\
 ('aes-256-cbc no IV', encrypt('aes-256-cbc', 'Secret', '12345678910121314151617181920212'));
 ```

@ -78,12 +77,12 @@ SELECT comment, hex(secret) FROM encryption_test;
 Результат:

 ``` text
-┌─comment─────────────────────────────┬─hex(secret)──────────────────────┐
-│ aes-256-cfb128 no IV                │ B4972BDC4459                     │
-│ aes-256-cfb128 no IV, different key │ 2FF57C092DC9                     │
-│ aes-256-cfb128 with IV              │ 5E6CB398F653                     │
-│ aes-256-cbc no IV                   │ 1BC0629A92450D9E73A00E7D02CF4142 │
-└─────────────────────────────────────┴──────────────────────────────────┘
+┌─comment──────────────────────────┬─hex(secret)──────────────────────┐
+│ aes-256-ofb no IV                │ B4972BDC4459                     │
+│ aes-256-ofb no IV, different key │ 2FF57C092DC9                     │
+│ aes-256-ofb with IV              │ 5E6CB398F653                     │
+│ aes-256-cbc no IV                │ 1BC0629A92450D9E73A00E7D02CF4142 │
+└──────────────────────────────────┴──────────────────────────────────┘
 ```

 Пример в режиме `-gcm`:
@ -116,9 +115,7 @@ SELECT comment, hex(secret) FROM encryption_test WHERE comment LIKE '%gcm%';

 -   aes-128-ecb, aes-192-ecb, aes-256-ecb
 -   aes-128-cbc, aes-192-cbc, aes-256-cbc
-   aes-128-cfb1, aes-192-cfb1, aes-256-cfb1
-   aes-128-cfb8, aes-192-cfb8, aes-256-cfb8
-   aes-128-cfb128, aes-192-cfb128, aes-256-cfb128
+-   aes-128-cfb128
 -   aes-128-ofb, aes-192-ofb, aes-256-ofb

 **Синтаксис**
@ -145,7 +142,7 @@ aes_encrypt_mysql('mode', 'plaintext', 'key' [, iv])
 Запрос:

 ``` sql
-SELECT encrypt('aes-256-cfb128', 'Secret', '12345678910121314151617181920212', 'iviviviviviviviv') = aes_encrypt_mysql('aes-256-cfb128', 'Secret', '12345678910121314151617181920212', 'iviviviviviviviv') AS ciphertexts_equal;
+SELECT encrypt('aes-256-ofb', 'Secret', '12345678910121314151617181920212', 'iviviviviviviviv') = aes_encrypt_mysql('aes-256-ofb', 'Secret', '12345678910121314151617181920212', 'iviviviviviviviv') AS ciphertexts_equal;
 ```

 Результат:
@ -161,14 +158,14 @@ SELECT encrypt('aes-256-cfb128', 'Secret', '12345678910121314151617181920212', '
 Запрос:

 ``` sql
-SELECT encrypt('aes-256-cfb128', 'Secret', '123456789101213141516171819202122', 'iviviviviviviviv123');
+SELECT encrypt('aes-256-ofb', 'Secret', '123456789101213141516171819202122', 'iviviviviviviviv123');
 ```

 Результат:

 ``` text
 Received exception from server (version 21.1.2):
-Code: 36. DB::Exception: Received from localhost:9000. DB::Exception: Invalid key size: 33 expected 32: While processing encrypt('aes-256-cfb128', 'Secret', '123456789101213141516171819202122', 'iviviviviviviviv123').
+Code: 36. DB::Exception: Received from localhost:9000. DB::Exception: Invalid key size: 33 expected 32: While processing encrypt('aes-256-ofb', 'Secret', '123456789101213141516171819202122', 'iviviviviviviviv123').
 ```

 Однако функция `aes_encrypt_mysql` в аналогичном случае возвращает результат, который может быть обработан MySQL:
@ -176,7 +173,7 @@ Code: 36. DB::Exception: Received from localhost:9000. DB::Exception: Invalid ke
 Запрос:

 ``` sql
-SELECT hex(aes_encrypt_mysql('aes-256-cfb128', 'Secret', '123456789101213141516171819202122', 'iviviviviviviviv123')) AS ciphertext;
+SELECT hex(aes_encrypt_mysql('aes-256-ofb', 'Secret', '123456789101213141516171819202122', 'iviviviviviviviv123')) AS ciphertext;
 ```

 Результат:
@ -192,7 +189,7 @@ SELECT hex(aes_encrypt_mysql('aes-256-cfb128', 'Secret', '1234567891012131415161
 Запрос:

 ``` sql
-SELECT hex(aes_encrypt_mysql('aes-256-cfb128', 'Secret', '123456789101213141516171819202122', 'iviviviviviviviv123456')) AS ciphertext
+SELECT hex(aes_encrypt_mysql('aes-256-ofb', 'Secret', '123456789101213141516171819202122', 'iviviviviviviviv123456')) AS ciphertext
 ```

 Результат:
@ -206,7 +203,7 @@ SELECT hex(aes_encrypt_mysql('aes-256-cfb128', 'Secret', '1234567891012131415161
 Это совпадает с результатом, возвращаемым MySQL при таких же входящих значениях:

 ``` sql
-mysql> SET  block_encryption_mode='aes-256-cfb128';
+mysql> SET  block_encryption_mode='aes-256-ofb';
 Query OK, 0 rows affected (0.00 sec)

 mysql> SELECT aes_encrypt('Secret', '123456789101213141516171819202122', 'iviviviviviviviv123456') as ciphertext;
@ -224,11 +221,10 @@ mysql> SELECT aes_encrypt('Secret', '123456789101213141516171819202122', 'iviviv

 -   aes-128-ecb, aes-192-ecb, aes-256-ecb
 -   aes-128-cbc, aes-192-cbc, aes-256-cbc
-   aes-128-cfb1, aes-192-cfb1, aes-256-cfb1
-   aes-128-cfb8, aes-192-cfb8, aes-256-cfb8
-   aes-128-cfb128, aes-192-cfb128, aes-256-cfb128
+-   aes-128-cfb128
 -   aes-128-ofb, aes-192-ofb, aes-256-ofb
 -   aes-128-gcm, aes-192-gcm, aes-256-gcm
+-   aes-128-ctr, aes-192-ctr, aes-256-ctr

 **Синтаксис**

@ -265,12 +261,12 @@ SELECT comment, hex(secret) FROM encryption_test;
 │ aes-256-gcm          │ A8A3CCBC6426CFEEB60E4EAE03D3E94204C1B09E0254 │
 │ aes-256-gcm with AAD │ A8A3CCBC6426D9A1017A0A932322F1852260A4AD6837 │
 └──────────────────────┴──────────────────────────────────────────────┘
-┌─comment─────────────────────────────┬─hex(secret)──────────────────────┐
-│ aes-256-cfb128 no IV                │ B4972BDC4459                     │
-│ aes-256-cfb128 no IV, different key │ 2FF57C092DC9                     │
-│ aes-256-cfb128 with IV              │ 5E6CB398F653                     │
-│ aes-256-cbc no IV                   │ 1BC0629A92450D9E73A00E7D02CF4142 │
-└─────────────────────────────────────┴──────────────────────────────────┘
+┌─comment──────────────────────────┬─hex(secret)──────────────────────┐
+│ aes-256-ofb no IV                │ B4972BDC4459                     │
+│ aes-256-ofb no IV, different key │ 2FF57C092DC9                     │
+│ aes-256-ofb with IV              │ 5E6CB398F653                     │
+│ aes-256-cbc no IV                │ 1BC0629A92450D9E73A00E7D02CF4142 │
+└──────────────────────────────────┴──────────────────────────────────┘
 ```

 Теперь попытаемся расшифровать эти данные:
@ -278,19 +274,25 @@ SELECT comment, hex(secret) FROM encryption_test;
 Запрос:

 ``` sql
-SELECT comment, decrypt('aes-256-cfb128', secret, '12345678910121314151617181920212') as plaintext FROM encryption_test;
+SELECT comment, decrypt('aes-256-ofb', secret, '12345678910121314151617181920212') as plaintext FROM encryption_test;
 ```

 Результат:

 ``` text
-┌─comment─────────────────────────────┬─plaintext─┐
-│ aes-256-cfb128 no IV                │ Secret    │
-│ aes-256-cfb128 no IV, different key │ <20>4<EFBFBD>
-                                           <20>         │
-│ aes-256-cfb128 with IV              │ <20><><EFBFBD>6<EFBFBD>~        │
- │aes-256-cbc no IV                   │ <20>2*4<>h3c<33>4w<34><77>@
-└─────────────────────────────────────┴───────────┘
+┌─comment──────────────┬─plaintext──┐
+│ aes-256-gcm          │ OQ<4F>E
+                             <20>t<EFBFBD>7T<37>\<5C><><EFBFBD>\<5C>   │
+│ aes-256-gcm with AAD │ OQ<4F>E
+                             <20>\<5C><>si<73><69><EFBFBD><EFBFBD>;<3B>o<EFBFBD><6F> │
+└──────────────────────┴────────────┘
+┌─comment──────────────────────────┬─plaintext─┐
+│ aes-256-ofb no IV                │ Secret    │
+│ aes-256-ofb no IV, different key │ <20>4<EFBFBD>
+                                        <20>         │
+│ aes-256-ofb with IV              │ <20><><EFBFBD>6<EFBFBD>~        │
+ │aes-256-cbc no IV                │ <20>2*4<>h3c<33>4w<34><77>@
+└──────────────────────────────────┴───────────┘
 ```

 Обратите внимание, что только часть данных была расшифрована верно. Оставшаяся часть расшифрована некорректно, так как при шифровании использовались другие значения `mode`, `key`, или `iv`.
@ -305,9 +307,7 @@ SELECT comment, decrypt('aes-256-cfb128', secret, '12345678910121314151617181920

 -   aes-128-ecb, aes-192-ecb, aes-256-ecb
 -   aes-128-cbc, aes-192-cbc, aes-256-cbc
-   aes-128-cfb1, aes-192-cfb1, aes-256-cfb1
-   aes-128-cfb8, aes-192-cfb8, aes-256-cfb8
-   aes-128-cfb128, aes-192-cfb128, aes-256-cfb128
+-   aes-128-cfb128
 -   aes-128-ofb, aes-192-ofb, aes-256-ofb

 **Синтаксис**
@ -333,7 +333,7 @@ aes_decrypt_mysql('mode', 'ciphertext', 'key' [, iv])


 ``` sql
-mysql> SET  block_encryption_mode='aes-256-cfb128';
+mysql> SET  block_encryption_mode='aes-256-ofb';
 Query OK, 0 rows affected (0.00 sec)

 mysql> SELECT aes_encrypt('Secret', '123456789101213141516171819202122', 'iviviviviviviviv123456') as ciphertext;
@ -348,7 +348,7 @@ mysql> SELECT aes_encrypt('Secret', '123456789101213141516171819202122', 'iviviv
 Запрос:

 ``` sql
-SELECT aes_decrypt_mysql('aes-256-cfb128', unhex('24E9E4966469'), '123456789101213141516171819202122', 'iviviviviviviviv123456') AS plaintext;
+SELECT aes_decrypt_mysql('aes-256-ofb', unhex('24E9E4966469'), '123456789101213141516171819202122', 'iviviviviviviviv123456') AS plaintext;
 ```

 Результат: