Raw encryption functions

Please note they solely apply a cipher to the data and do not provide additional security measures.

encrypt(data bytea, key bytea, type text) -> bytea
decrypt(data bytea, key bytea, type text) -> bytea

The cipher method is specified by type. The syntax of the type string is:

algorithm [-mode][/pad:padding]

algorithm is:

  • aes — AES (Rijndael-128, -192 or -256)

mode is one of:

  • cbc — next block depends on previous (default)
  • ecb — each block is encrypted separately (for testing only)

padding is one of:

  • pkcs — data may be any length (default)
  • none — data must be multiple of cipher block size

The given encryption/decryption key MUST match length 16/24/32 bytes as required by aes-128/192/256.

Examples of type text
aes-cbc/pad:pkcs => AES algorithm, cbc mode, enabling padding
aes => AES algorithm, cbc mode, enabling padding
aes-ecb => AES algorithm, ecb mode, enabling padding
Example of raw encryption functions
SELECT encrypt('Hello, World!', 'my_secret_key111', 'aes-cbc/pad:pkcs');
----RESULT
\x9cf6a49f90b3ac816aeeeed286606fdb
(1 row)
Example of raw encryption functions
SELECT decrypt('\x9cf6a49f90b3ac816aeeeed286606fdb','my_secret_key111', 'aes-cbc/pad:pkcs');)
----RESULT
\x48656c6c6f2c20576f726c6421
(1 row)