Use KEYSET_TO_JSON to convert a BINARY keyset to a readable JSON string - MaxCompute

Converts a BINARY keyset to a human-readable JSON string, letting you inspect the keyset's key metadata.

Syntax

STRING KEYSET_TO_JSON(BINARY <keyset>)

Parameters

keyset: Required. A BINARY value representing an existing keyset.

Return value

Returns a STRING containing the keyset in JSON format. The JSON object includes the following fields:

Field	Description
`key_id`	The ID of the key.
`key_material_origin`	The origin of the key material.
`key_material_type`	The encryption type of the key.
`type`	The algorithm type of the key.
`value`	The key value.
`output_prefix_type`	The format of the ciphertext produced by encryption.

Note

To convert a BINARY value to STRING, use HEX. To convert a STRING value back to BINARY, use UNHEX.

Example

SELECT KEYSET_TO_JSON(unhex('0A1072384D715A414541385044643351534C12580A330A0B4145532D47434D2D323536122026A8FB1126DF4F5B5DD03C180E6919565D7716CBB291815EFB5BBF30F8BEF9AF1801200210011A1072384D715A414541385044643351534C20022A0B68656C6C6F20776F726C64'));

Output:

+------------+
| _c0        |
+------------+
| {
    "key": [{
            "description": "hello world",
            "key_id": "r8MqZAEA8PDd3QSL",
            "key_meta_data": {
                "key_material_origin": "Origin_ALIYUN_MAXCOMPUTE",
                "key_material_type": "SYMMETRIC",
                "type": "AES-GCM-256",
                "value": "Jqj7ESbfT1td0DwYDmkZVl13FsuykYFe+1u/MPi++a8="},
            "output_prefix_type": "PREFIX_ALIYUN_MAXCOMPUTE",
            "status": "ENABLED"}],
    "primary_key_id": "r8MqZAEA8PDd3QSL"} |
+------------+

References

Reference	Description
Use keysets	How to use keyset-related encryption and decryption functions.
NEW_KEYSET	Creates a keyset based on a specified algorithm type.
ADD_KEY_TO_KEYSET	Adds a key to a keyset and sets it as the master key.
KEYSET_TO_JSON	Describes the KEYSET_TO_JSON function. The function is used to convert a keyset of the BINARY type into a readable JSON string. After the conversion, you can view the details of the keyset.
KEYSET_FROM_JSON	Converts a JSON keyset to a BINARY keyset.
ROTATE_KEYSET	Rotates a keyset by generating a new key and setting it as the master key.
NEW_WRAPPED_KEYSET	Creates a wrapped keyset by assuming a role ARN to use a KMS customer master key (CMK). The role ARN is specified by `role_arn` and the KMS CMK ARN by `kms_cmk_arn`. Supports granting cross-account decryption permissions via `role_chain`.
REWRAP_KEYSET	Re-encrypts a wrapped keyset using a specified KMS key.
ROTATE_WRAPPED_KEYSET	Rotates a wrapped keyset and re-encrypts it with the new key.
USE_WRAPPED_KEYSET	Converts a wrapped keyset into a basic keyset for use in encryption or decryption functions. Also retrieves information about a wrapped keyset for subsequent keyset maintenance.
ENHANCED_SYM_ENCRYPT	Encrypts data using a specified keyset.
ENHANCED_SYM_DECRYPT	Decrypts data using a specified keyset.