pgsmcrypto

PostgreSQL SM Algorithm Extension

Overview

Package	Version	Category	License	Language
`pgsmcrypto`	`0.1.1`	SEC	MIT	Rust

ID	Extension	Bin	Lib	Load	Create	Trust	Reloc	Schema
7060	`pgsmcrypto`	No	Yes	No	Yes	No	No	-

Related	`pgsodium` `pgcryptokey` `pgcrypto` `pg_tde` `sslutils` `faker` `uuid-ossp` `lo`

manual updated pgrx by Vonng

Version

Type	Repo	Version	PG Ver	Package	Deps
EXT	PIGSTY	`0.1.1`	1817161514	`pgsmcrypto`	-
RPM	PIGSTY	`0.1.1`	1817161514	`pgsmcrypto_$v`	-
DEB	PIGSTY	`0.1.1`	1817161514	`postgresql-$v-pgsmcrypto`	-

OS / PG	PG18	PG17	PG16	PG15	PG14
el8.x86_64	PIGSTY 0.1.1 el8.x86_64.pg18 : pgsmcrypto_18 pgsmcrypto_18-0.1.1-1PIGSTY.el8.x86_64.rpm PIGSTY · 0.1.1 · 845.9KiB	PIGSTY 0.1.1 el8.x86_64.pg17 : pgsmcrypto_17 pgsmcrypto_17-0.1.1-1PIGSTY.el8.x86_64.rpm PIGSTY · 0.1.1 · 845.5KiB	PIGSTY 0.1.1 el8.x86_64.pg16 : pgsmcrypto_16 pgsmcrypto_16-0.1.1-1PIGSTY.el8.x86_64.rpm PIGSTY · 0.1.1 · 845.5KiB	PIGSTY 0.1.1 el8.x86_64.pg15 : pgsmcrypto_15 pgsmcrypto_15-0.1.1-1PIGSTY.el8.x86_64.rpm PIGSTY · 0.1.1 · 845.8KiB	PIGSTY 0.1.1 el8.x86_64.pg14 : pgsmcrypto_14 pgsmcrypto_14-0.1.1-1PIGSTY.el8.x86_64.rpm PIGSTY · 0.1.1 · 845.7KiB
el8.aarch64	PIGSTY 0.1.1 el8.aarch64.pg18 : pgsmcrypto_18 pgsmcrypto_18-0.1.1-1PIGSTY.el8.aarch64.rpm PIGSTY · 0.1.1 · 667.4KiB	PIGSTY 0.1.1 el8.aarch64.pg17 : pgsmcrypto_17 pgsmcrypto_17-0.1.1-1PIGSTY.el8.aarch64.rpm PIGSTY · 0.1.1 · 667.3KiB	PIGSTY 0.1.1 el8.aarch64.pg16 : pgsmcrypto_16 pgsmcrypto_16-0.1.1-1PIGSTY.el8.aarch64.rpm PIGSTY · 0.1.1 · 667.3KiB	PIGSTY 0.1.1 el8.aarch64.pg15 : pgsmcrypto_15 pgsmcrypto_15-0.1.1-1PIGSTY.el8.aarch64.rpm PIGSTY · 0.1.1 · 667.3KiB	PIGSTY 0.1.1 el8.aarch64.pg14 : pgsmcrypto_14 pgsmcrypto_14-0.1.1-1PIGSTY.el8.aarch64.rpm PIGSTY · 0.1.1 · 667.2KiB
el9.x86_64	PIGSTY 0.1.1 el9.x86_64.pg18 : pgsmcrypto_18 pgsmcrypto_18-0.1.1-1PIGSTY.el9.x86_64.rpm PIGSTY · 0.1.1 · 877.0KiB	PIGSTY 0.1.1 el9.x86_64.pg17 : pgsmcrypto_17 pgsmcrypto_17-0.1.1-1PIGSTY.el9.x86_64.rpm PIGSTY · 0.1.1 · 877.2KiB	PIGSTY 0.1.1 el9.x86_64.pg16 : pgsmcrypto_16 pgsmcrypto_16-0.1.1-1PIGSTY.el9.x86_64.rpm PIGSTY · 0.1.1 · 877.3KiB	PIGSTY 0.1.1 el9.x86_64.pg15 : pgsmcrypto_15 pgsmcrypto_15-0.1.1-1PIGSTY.el9.x86_64.rpm PIGSTY · 0.1.1 · 875.5KiB	PIGSTY 0.1.1 el9.x86_64.pg14 : pgsmcrypto_14 pgsmcrypto_14-0.1.1-1PIGSTY.el9.x86_64.rpm PIGSTY · 0.1.1 · 875.8KiB
el9.aarch64	PIGSTY 0.1.1 el9.aarch64.pg18 : pgsmcrypto_18 pgsmcrypto_18-0.1.1-1PIGSTY.el9.aarch64.rpm PIGSTY · 0.1.1 · 727.2KiB	PIGSTY 0.1.1 el9.aarch64.pg17 : pgsmcrypto_17 pgsmcrypto_17-0.1.1-1PIGSTY.el9.aarch64.rpm PIGSTY · 0.1.1 · 727.2KiB	PIGSTY 0.1.1 el9.aarch64.pg16 : pgsmcrypto_16 pgsmcrypto_16-0.1.1-1PIGSTY.el9.aarch64.rpm PIGSTY · 0.1.1 · 727.1KiB	PIGSTY 0.1.1 el9.aarch64.pg15 : pgsmcrypto_15 pgsmcrypto_15-0.1.1-1PIGSTY.el9.aarch64.rpm PIGSTY · 0.1.1 · 726.7KiB	PIGSTY 0.1.1 el9.aarch64.pg14 : pgsmcrypto_14 pgsmcrypto_14-0.1.1-1PIGSTY.el9.aarch64.rpm PIGSTY · 0.1.1 · 727.2KiB
el10.x86_64	PIGSTY 0.1.1 el10.x86_64.pg18 : pgsmcrypto_18 pgsmcrypto_18-0.1.1-1PIGSTY.el10.x86_64.rpm PIGSTY · 0.1.1 · 884.8KiB	PIGSTY 0.1.1 el10.x86_64.pg17 : pgsmcrypto_17 pgsmcrypto_17-0.1.1-1PIGSTY.el10.x86_64.rpm PIGSTY · 0.1.1 · 884.5KiB	PIGSTY 0.1.1 el10.x86_64.pg16 : pgsmcrypto_16 pgsmcrypto_16-0.1.1-1PIGSTY.el10.x86_64.rpm PIGSTY · 0.1.1 · 883.1KiB	PIGSTY 0.1.1 el10.x86_64.pg15 : pgsmcrypto_15 pgsmcrypto_15-0.1.1-1PIGSTY.el10.x86_64.rpm PIGSTY · 0.1.1 · 880.1KiB	PIGSTY 0.1.1 el10.x86_64.pg14 : pgsmcrypto_14 pgsmcrypto_14-0.1.1-1PIGSTY.el10.x86_64.rpm PIGSTY · 0.1.1 · 884.8KiB
el10.aarch64	PIGSTY 0.1.1 el10.aarch64.pg18 : pgsmcrypto_18 pgsmcrypto_18-0.1.1-1PIGSTY.el10.aarch64.rpm PIGSTY · 0.1.1 · 736.7KiB	PIGSTY 0.1.1 el10.aarch64.pg17 : pgsmcrypto_17 pgsmcrypto_17-0.1.1-1PIGSTY.el10.aarch64.rpm PIGSTY · 0.1.1 · 736.6KiB	PIGSTY 0.1.1 el10.aarch64.pg16 : pgsmcrypto_16 pgsmcrypto_16-0.1.1-1PIGSTY.el10.aarch64.rpm PIGSTY · 0.1.1 · 735.7KiB	PIGSTY 0.1.1 el10.aarch64.pg15 : pgsmcrypto_15 pgsmcrypto_15-0.1.1-1PIGSTY.el10.aarch64.rpm PIGSTY · 0.1.1 · 735.8KiB	PIGSTY 0.1.1 el10.aarch64.pg14 : pgsmcrypto_14 pgsmcrypto_14-0.1.1-1PIGSTY.el10.aarch64.rpm PIGSTY · 0.1.1 · 736.7KiB
d12.x86_64	PIGSTY 0.1.1 d12.x86_64.pg18 : postgresql-18-pgsmcrypto postgresql-18-pgsmcrypto_0.1.1-1PIGSTY~bookworm_amd64.deb PIGSTY · 0.1.1 · 705.9KiB	PIGSTY 0.1.1 d12.x86_64.pg17 : postgresql-17-pgsmcrypto postgresql-17-pgsmcrypto_0.1.1-1PIGSTY~bookworm_amd64.deb PIGSTY · 0.1.1 · 706.8KiB	PIGSTY 0.1.1 d12.x86_64.pg16 : postgresql-16-pgsmcrypto postgresql-16-pgsmcrypto_0.1.1-1PIGSTY~bookworm_amd64.deb PIGSTY · 0.1.1 · 709.2KiB	PIGSTY 0.1.1 d12.x86_64.pg15 : postgresql-15-pgsmcrypto postgresql-15-pgsmcrypto_0.1.1-1PIGSTY~bookworm_amd64.deb PIGSTY · 0.1.1 · 706.2KiB	PIGSTY 0.1.1 d12.x86_64.pg14 : postgresql-14-pgsmcrypto postgresql-14-pgsmcrypto_0.1.1-1PIGSTY~bookworm_amd64.deb PIGSTY · 0.1.1 · 705.8KiB
d12.aarch64	PIGSTY 0.1.1 d12.aarch64.pg18 : postgresql-18-pgsmcrypto postgresql-18-pgsmcrypto_0.1.1-1PIGSTY~bookworm_arm64.deb PIGSTY · 0.1.1 · 531.7KiB	PIGSTY 0.1.1 d12.aarch64.pg17 : postgresql-17-pgsmcrypto postgresql-17-pgsmcrypto_0.1.1-1PIGSTY~bookworm_arm64.deb PIGSTY · 0.1.1 · 531.8KiB	PIGSTY 0.1.1 d12.aarch64.pg16 : postgresql-16-pgsmcrypto postgresql-16-pgsmcrypto_0.1.1-1PIGSTY~bookworm_arm64.deb PIGSTY · 0.1.1 · 532.1KiB	PIGSTY 0.1.1 d12.aarch64.pg15 : postgresql-15-pgsmcrypto postgresql-15-pgsmcrypto_0.1.1-1PIGSTY~bookworm_arm64.deb PIGSTY · 0.1.1 · 532.2KiB	PIGSTY 0.1.1 d12.aarch64.pg14 : postgresql-14-pgsmcrypto postgresql-14-pgsmcrypto_0.1.1-1PIGSTY~bookworm_arm64.deb PIGSTY · 0.1.1 · 531.5KiB
d13.x86_64	PIGSTY 0.1.1 d13.x86_64.pg18 : postgresql-18-pgsmcrypto postgresql-18-pgsmcrypto_0.1.1-1PIGSTY~trixie_amd64.deb PIGSTY · 0.1.1 · 707.7KiB	PIGSTY 0.1.1 d13.x86_64.pg17 : postgresql-17-pgsmcrypto postgresql-17-pgsmcrypto_0.1.1-1PIGSTY~trixie_amd64.deb PIGSTY · 0.1.1 · 707.7KiB	PIGSTY 0.1.1 d13.x86_64.pg16 : postgresql-16-pgsmcrypto postgresql-16-pgsmcrypto_0.1.1-1PIGSTY~trixie_amd64.deb PIGSTY · 0.1.1 · 709.1KiB	PIGSTY 0.1.1 d13.x86_64.pg15 : postgresql-15-pgsmcrypto postgresql-15-pgsmcrypto_0.1.1-1PIGSTY~trixie_amd64.deb PIGSTY · 0.1.1 · 707.5KiB	PIGSTY 0.1.1 d13.x86_64.pg14 : postgresql-14-pgsmcrypto postgresql-14-pgsmcrypto_0.1.1-1PIGSTY~trixie_amd64.deb PIGSTY · 0.1.1 · 705.7KiB
d13.aarch64	PIGSTY 0.1.1 d13.aarch64.pg18 : postgresql-18-pgsmcrypto postgresql-18-pgsmcrypto_0.1.1-1PIGSTY~trixie_arm64.deb PIGSTY · 0.1.1 · 532.1KiB	PIGSTY 0.1.1 d13.aarch64.pg17 : postgresql-17-pgsmcrypto postgresql-17-pgsmcrypto_0.1.1-1PIGSTY~trixie_arm64.deb PIGSTY · 0.1.1 · 532.0KiB	PIGSTY 0.1.1 d13.aarch64.pg16 : postgresql-16-pgsmcrypto postgresql-16-pgsmcrypto_0.1.1-1PIGSTY~trixie_arm64.deb PIGSTY · 0.1.1 · 532.3KiB	PIGSTY 0.1.1 d13.aarch64.pg15 : postgresql-15-pgsmcrypto postgresql-15-pgsmcrypto_0.1.1-1PIGSTY~trixie_arm64.deb PIGSTY · 0.1.1 · 532.1KiB	PIGSTY 0.1.1 d13.aarch64.pg14 : postgresql-14-pgsmcrypto postgresql-14-pgsmcrypto_0.1.1-1PIGSTY~trixie_arm64.deb PIGSTY · 0.1.1 · 532.1KiB
u22.x86_64	PIGSTY 0.1.1 u22.x86_64.pg18 : postgresql-18-pgsmcrypto postgresql-18-pgsmcrypto_0.1.1-1PIGSTY~jammy_amd64.deb PIGSTY · 0.1.1 · 800.4KiB	PIGSTY 0.1.1 u22.x86_64.pg17 : postgresql-17-pgsmcrypto postgresql-17-pgsmcrypto_0.1.1-1PIGSTY~jammy_amd64.deb PIGSTY · 0.1.1 · 801.2KiB	PIGSTY 0.1.1 u22.x86_64.pg16 : postgresql-16-pgsmcrypto postgresql-16-pgsmcrypto_0.1.1-1PIGSTY~jammy_amd64.deb PIGSTY · 0.1.1 · 802.0KiB	PIGSTY 0.1.1 u22.x86_64.pg15 : postgresql-15-pgsmcrypto postgresql-15-pgsmcrypto_0.1.1-1PIGSTY~jammy_amd64.deb PIGSTY · 0.1.1 · 803.1KiB	PIGSTY 0.1.1 u22.x86_64.pg14 : postgresql-14-pgsmcrypto postgresql-14-pgsmcrypto_0.1.1-1PIGSTY~jammy_amd64.deb PIGSTY · 0.1.1 · 800.1KiB
u22.aarch64	PIGSTY 0.1.1 u22.aarch64.pg18 : postgresql-18-pgsmcrypto postgresql-18-pgsmcrypto_0.1.1-1PIGSTY~jammy_arm64.deb PIGSTY · 0.1.1 · 644.1KiB	PIGSTY 0.1.1 u22.aarch64.pg17 : postgresql-17-pgsmcrypto postgresql-17-pgsmcrypto_0.1.1-1PIGSTY~jammy_arm64.deb PIGSTY · 0.1.1 · 642.9KiB	PIGSTY 0.1.1 u22.aarch64.pg16 : postgresql-16-pgsmcrypto postgresql-16-pgsmcrypto_0.1.1-1PIGSTY~jammy_arm64.deb PIGSTY · 0.1.1 · 643.9KiB	PIGSTY 0.1.1 u22.aarch64.pg15 : postgresql-15-pgsmcrypto postgresql-15-pgsmcrypto_0.1.1-1PIGSTY~jammy_arm64.deb PIGSTY · 0.1.1 · 643.2KiB	PIGSTY 0.1.1 u22.aarch64.pg14 : postgresql-14-pgsmcrypto postgresql-14-pgsmcrypto_0.1.1-1PIGSTY~jammy_arm64.deb PIGSTY · 0.1.1 · 644.4KiB
u24.x86_64	PIGSTY 0.1.1 u24.x86_64.pg18 : postgresql-18-pgsmcrypto postgresql-18-pgsmcrypto_0.1.1-1PIGSTY~noble_amd64.deb PIGSTY · 0.1.1 · 799.4KiB	PIGSTY 0.1.1 u24.x86_64.pg17 : postgresql-17-pgsmcrypto postgresql-17-pgsmcrypto_0.1.1-1PIGSTY~noble_amd64.deb PIGSTY · 0.1.1 · 797.3KiB	PIGSTY 0.1.1 u24.x86_64.pg16 : postgresql-16-pgsmcrypto postgresql-16-pgsmcrypto_0.1.1-1PIGSTY~noble_amd64.deb PIGSTY · 0.1.1 · 793.9KiB	PIGSTY 0.1.1 u24.x86_64.pg15 : postgresql-15-pgsmcrypto postgresql-15-pgsmcrypto_0.1.1-1PIGSTY~noble_amd64.deb PIGSTY · 0.1.1 · 795.9KiB	PIGSTY 0.1.1 u24.x86_64.pg14 : postgresql-14-pgsmcrypto postgresql-14-pgsmcrypto_0.1.1-1PIGSTY~noble_amd64.deb PIGSTY · 0.1.1 · 796.9KiB
u24.aarch64	PIGSTY 0.1.1 u24.aarch64.pg18 : postgresql-18-pgsmcrypto postgresql-18-pgsmcrypto_0.1.1-1PIGSTY~noble_arm64.deb PIGSTY · 0.1.1 · 631.2KiB	PIGSTY 0.1.1 u24.aarch64.pg17 : postgresql-17-pgsmcrypto postgresql-17-pgsmcrypto_0.1.1-1PIGSTY~noble_arm64.deb PIGSTY · 0.1.1 · 631.1KiB	PIGSTY 0.1.1 u24.aarch64.pg16 : postgresql-16-pgsmcrypto postgresql-16-pgsmcrypto_0.1.1-1PIGSTY~noble_arm64.deb PIGSTY · 0.1.1 · 631.1KiB	PIGSTY 0.1.1 u24.aarch64.pg15 : postgresql-15-pgsmcrypto postgresql-15-pgsmcrypto_0.1.1-1PIGSTY~noble_arm64.deb PIGSTY · 0.1.1 · 631.2KiB	PIGSTY 0.1.1 u24.aarch64.pg14 : postgresql-14-pgsmcrypto postgresql-14-pgsmcrypto_0.1.1-1PIGSTY~noble_arm64.deb PIGSTY · 0.1.1 · 631.2KiB

Build

You can build the RPM / DEB packages for pgsmcrypto using pig build:

pig build pkg pgsmcrypto         # build RPM / DEB packages

Install

You can install pgsmcrypto directly. First, make sure the PGDG and PIGSTY repositories are added and enabled:

pig repo add pgsql -u          # Add repo and update cache

Install the extension using pig or apt/yum/dnf:

pig install pgsmcrypto;          # Install for current active PG version

pig ext install -y pgsmcrypto -v 18  # PG 18
pig ext install -y pgsmcrypto -v 17  # PG 17
pig ext install -y pgsmcrypto -v 16  # PG 16
pig ext install -y pgsmcrypto -v 15  # PG 15
pig ext install -y pgsmcrypto -v 14  # PG 14

dnf install -y pgsmcrypto_18       # PG 18
dnf install -y pgsmcrypto_17       # PG 17
dnf install -y pgsmcrypto_16       # PG 16
dnf install -y pgsmcrypto_15       # PG 15
dnf install -y pgsmcrypto_14       # PG 14

apt install -y postgresql-18-pgsmcrypto   # PG 18
apt install -y postgresql-17-pgsmcrypto   # PG 17
apt install -y postgresql-16-pgsmcrypto   # PG 16
apt install -y postgresql-15-pgsmcrypto   # PG 15
apt install -y postgresql-14-pgsmcrypto   # PG 14

Create Extension:

CREATE EXTENSION pgsmcrypto;

Usage

pgsmcrypto: SM national cryptographic algorithm extension for PostgreSQL

pgsmcrypto provides Chinese national cryptographic (SM series) algorithms for PostgreSQL, including SM3 hashing, SM2 asymmetric encryption/signing, and SM4 symmetric encryption.

CREATE EXTENSION pgsmcrypto;

SM3 Message Digest

SELECT sm3_hash_string('abc');              -- Returns 64-char hex string (32 bytes)
SELECT sm3_hash('abc'::bytea);              -- Hash bytea input
SELECT sm3_hash(E'\\x616263');              -- Hash raw hex input

SM2 Asymmetric Encryption

Key Generation

SELECT sm2_gen_keypair();                   -- Returns {private_key, public_key} array
SELECT sm2_privkey_valid('f774...');        -- Validate private key (1=valid)
SELECT sm2_pubkey_valid('8093...');         -- Validate public key (1=valid)
SELECT sm2_pk_from_sk('f774...');           -- Derive public key from private key

Key Export/Import (PEM)

SELECT sm2_keypair_to_pem_bytes('f774...');       -- Private key to PEM
SELECT sm2_pubkey_to_pem_bytes('8093...');        -- Public key to PEM
SELECT sm2_keypair_from_pem_bytes(pem_bytes);     -- Import from PEM
SELECT sm2_pubkey_from_pem_bytes(pem_bytes);      -- Import public key from PEM

Sign and Verify

-- Raw sign/verify (signs message directly)
WITH s AS (
    SELECT sm2_sign_raw('abc'::bytea, 'f774...') AS sig
)
SELECT sm2_verify_raw('abc'::bytea, sig, '8093...') FROM s;

-- Standard sign/verify (SM2 specification with id + SM3 digest)
WITH s AS (
    SELECT sm2_sign('myid'::bytea, 'abc'::bytea, 'f774...') AS sig
)
SELECT sm2_verify('myid'::bytea, 'abc'::bytea, sig, '8093...') FROM s;

Encrypt and Decrypt

-- Standard encrypt/decrypt
WITH c AS (
    SELECT sm2_encrypt('abc'::bytea, '8093...') AS enc
)
SELECT sm2_decrypt(enc, 'f774...') FROM c;

-- Also available: sm2_encrypt_c1c2c3, sm2_encrypt_asna1, sm2_encrypt_hex, sm2_encrypt_base64
-- with corresponding decrypt variants

SM4 Symmetric Encryption

-- ECB mode (key must be 16 bytes)
SELECT sm4_encrypt_ecb('abc'::bytea, '1234567812345678'::bytea);
SELECT sm4_decrypt_ecb(encrypted, '1234567812345678'::bytea);

-- CBC mode (key and IV must be 16 bytes)
SELECT sm4_encrypt_cbc('abc'::bytea, '1234567812345678'::bytea, '0000000000000000'::bytea);
SELECT sm4_decrypt_cbc(encrypted, '1234567812345678'::bytea, '0000000000000000'::bytea);

Feedback

Was this page helpful?

Thanks for the feedback! Please let us know how we can improve.

Sorry to hear that. Please let us know how we can improve.

Last Modified 2026-03-12: add pg extension catalog (95749bf)