VarBinary Encryption UDFs
ptyBinaryEnc()
This UDF protects the VarBinary values. If the varbinary data size exceeds 32 MB, then set the configuration in the config.properties file and then restart the Trino server on all the nodes (co-ordinator and worker).
node-manager.http-client.max-content-length=64MB
exchange.http-client.max-content-length=64MB
Signature:
ptyBinaryEnc(VarBinary input, Varchar DataElement)
Parameters:
| Name | Type | Description |
|---|---|---|
input | VarBinary | Specifies the data to encrypt. |
dataElement | VarChar | Specifies the name of the data element to encrypt the data. |
Returns:
This UDF returns the encrypted Varbinary value.
Example:
select ptyBinaryEnc(X'12A23D43', 'AES256');
select ptyBinaryEnc(binary_col1, 'AES256') from table1;
Supported Protection Methods:
| Function Name | Tokenization | Encryption | FPE | No Encryption | Masking | Monitoring |
| ptyBinaryEnc() | No |
| No | Yes | No | Yes |
ptyBinaryDec()
This UDF decrypts the Varbinary value.
Signature:
ptyBinaryDec(VarBinary input, Varchar DataElement)
Parameters:
| Name | Type | Description |
|---|---|---|
input | VarBinary | Specifies the data to decrypt. |
dataElement | VarChar | Specifies the name of the data element to decrypt the data. |
Returns:
This UDF returns the decrypted VarBinary value.
Example:
select ptyBinaryDec(X'215b807cdfbc', 'AES256');
select ptyBinaryDec(binary_col1, 'AES256') from table1;
Supported Protection Methods:
| Function Name | Tokenization | Encryption | FPE | No Encryption | Masking | Monitoring |
| ptyBinaryDec() | No |
| No | Yes | No | Yes |
ptyBinaryReEnc()
This UDF re-encrypts the Varbinary format encrypted data with a different data element.
Signature:
ptyBinaryReEnc(VarBinary input, Varchar oldDataElement, Varchar newDataElement)
Parameters:
| Name | Type | Description |
|---|---|---|
input | VarBinary | Specifies the VarBinary value to re-encrypt. |
oldDataElement | VarChar | Specifies the name of the data element that was initially used to encrypt the data. |
newDataElement | VarChar | Specifies the name of the new data element to re-encrypt the data. |
Returns:
This UDF returns the Varbinary format data, which is re-encrypted.
Tokenization or Format Preserving Data Elements are not supported. Only encryption data elements are supported.
Example:
select ptyBinaryReEnc(X'12A23D43', 'Old_AES256', 'New_AES256');
select ptyBinaryReEnc(binary_col1, 'Old_AES256', 'New_AES256') from table1;
Supported Protection Methods:
| Function Name | Tokenization | Encryption | FPE | No Encryption | Masking | Monitoring |
| ptyBinaryReEnc() | No |
| No | Yes | No | Yes |
Feedback
Was this page helpful?