KDF

MariaDB starting with 11.3

KDF() is a key derivation function introduced in MariaDB 11.3.0.

Syntax

KDF(key_str, salt [, {info | iterations} [, kdf_name [, width ]]])

Description

KDF is a key derivation function, similar to OpenSSL's EVP_KDF_derive(), useful for generating good encryption keys for AES_ENCRYPT.

kdf_name is "hkdf" or "pbkdf2_hmac" (default)
width (in bits) can be any number divisible by 8, by default it's taken from @@block_encryption_mode
iterations must be positive, and is 1000 by default

Note that OpenSSL 1.0 doesn't support HKDF, so in this case NULL is returned. This OpenSSL version is still used in SLES 12 and CentOS 7.

Examples

select hex(kdf('foo', 'bar', 'infa', 'hkdf')); 
+----------------------------------------+
| hex(kdf('foo', 'bar', 'infa', 'hkdf')) |
+----------------------------------------+
| 612875F859CFB4EE0DFEFF9F2A18E836       |
+----------------------------------------+

Comments

Comments loading...

Content reproduced on this site is the property of its respective owners, and this content is not reviewed in advance by MariaDB. The views, information and opinions expressed by this content do not necessarily represent those of MariaDB or any other party.

↑ Encryption, Hashing and Compression Functions ↑
AES_DECRYPT
AES_ENCRYPT
COMPRESS
DECODE
DES_DECRYPT
DES_ENCRYPT
ENCODE
ENCRYPT
KDF
MD5
OLD_PASSWORD
PASSWORD
RANDOM_BYTES
SHA1
SHA2
UNCOMPRESS
UNCOMPRESSED_LENGTH