首页 » ORACLE 9i-23c » oracle10G 加密解密之dbms_crypto (一)
oracle10G 加密解密之dbms_crypto (一)
DBMS_CRYPTO
oracle10g 提供的DBMS_CRYPTO 用来替换8I,9I前的DBMS_OBFUSCATION_TOOLKIT 包,这个包在10G以前的版本是没有的,它提供了更多的加密算法应用更方便。
* Cryptographic algorithms – DES, 3DES, AES, RC4, 3DES_2KEY
* Padding forms – PKCS5, zeroes
* Block cipher chaining modes – CBC, CFB, ECB, OFB
* Cryptographic hash algorithms – MD5, SHA-1, MD4
* Keyed hash (MAC) algorithms – HMAC_MD5, HMAC_SH1
* Cryptographic pseudo-random number generator – RAW, NUMBER, BINARY_INTEGER
* Database types – RAW, CLOB, BLOB
包的创建方法
sql>@{ORACLE_HOME}/rdbms/admin/dbmsobtk.sql
SET LONG 10000 select dbms_metadata.get_ddl('PACKAGE','DBMS_CRYPTO') FROM DUAL; DBMS_METADATA.GET_DDL('PACKAGE','DBMS_CRYPTO') -------------------------------------------------------------------------------- CREATE OR REPLACE PACKAGE "SYS"."DBMS_CRYPTO" AS --------------------------------------------------------------------------- -- -- PACKAGE NOTES -- -- DBMS_CRYPTO contains basic cryptographic functions and -- procedures. To use correctly and securely, a general level of -- security expertise is assumed. -- -- VARCHAR2 datatype is not supported. Cryptographic operations -- on this type should be prefaced with conversions to a uniform -- character set (AL32UTF8) and conversion to RAW type. -- -- Prior to encryption, hashing or keyed hashing, CLOB datatype is -- converted to AL32UTF8. This allows cryptographic data to be -- transferred and understood between databases with different -- character sets, across character set changes and between -- separate processes (for example, Java programs). -- --------------------------------------------------------------------------- -------------------------- ALGORITHM CONSTANTS ---------------------------- -- The following constants refer to various types of cryptographic -- functions available from this package. Some of the constants -- represent modifiers to these algorithms. --------------------------------------------------------------------------- -- Hash Functions HASH_MD4 CONSTANT PLS_INTEGER := 1; HASH_MD5 CONSTANT PLS_INTEGER := 2; HASH_SH1 CONSTANT PLS_INTEGER := 3; -- MAC Functions HMAC_MD5 CONSTANT PLS_INTEGER := 1; HMAC_SH1 CONSTANT PLS_INTEGER := 2; -- Block Cipher Algorithms ENCRYPT_DES CONSTANT PLS_INTEGER := 1; -- 0x0001 ENCRYPT_3DES_2KEY CONSTANT PLS_INTEGER := 2; -- 0x0002 ENCRYPT_3DES CONSTANT PLS_INTEGER := 3; -- 0x0003 ENCRYPT_AES CONSTANT PLS_INTEGER := 4; -- 0x0004 ENCRYPT_PBE_MD5DES CONSTANT PLS_INTEGER := 5; -- 0x0005 ENCRYPT_AES128 CONSTANT PLS_INTEGER := 6; -- 0x0006 ENCRYPT_AES192 CONSTANT PLS_INTEGER := 7; -- 0x0007 ENCRYPT_AES256 CONSTANT PLS_INTEGER := 8; -- 0x0008 -- Block Cipher Chaining Modifiers CHAIN_CBC CONSTANT PLS_INTEGER := 256; -- 0x0100 CHAIN_CFB CONSTANT PLS_INTEGER := 512; -- 0x0200 CHAIN_ECB CONSTANT PLS_INTEGER := 768; -- 0x0300 CHAIN_OFB CONSTANT PLS_INTEGER := 1024; -- 0x0400 -- Block Cipher Padding Modifiers PAD_PKCS5 CONSTANT PLS_INTEGER := 4096; -- 0x1000 PAD_NONE CONSTANT PLS_INTEGER := 8192; -- 0x2000 PAD_ZERO CONSTANT PLS_INTEGER := 12288; -- 0x3000 PAD_ORCL CONSTANT PLS_INTEGER := 16384; -- 0x4000 -- Stream Cipher Algorithms ENCRYPT_RC4 CONSTANT PLS_INTEGER := 129; -- 0x0081 -- Convenience Constants for Block Ciphers DES_CBC_PKCS5 CONSTANT PLS_INTEGER := ENCRYPT_DES + CHAIN_CBC + PAD_PKCS5; DES3_CBC_PKCS5 CONSTANT PLS_INTEGER := ENCRYPT_3DES + CHAIN_CBC + PAD_PKCS5; AES_CBC_PKCS5 CONSTANT PLS_INTEGER := ENCRYPT_AES + CHAIN_CBC + PAD_PKCS5; ...
注意下面的语法有问题
SQL>; l 1 CREATE OR REPLACE PACKAGE pkg_secure 2 IS 3 typ PLS_INTEGER :=DBMS_CRYPTO.ENCRYPT_AES256 4 +DBMS_CRYPTO.CHAIN_CBC 5 +DBMS_CRYPTO.PAD_PKCS5; 6 key CONSTANT RAW(32) :='mark123'; 7 8 FUNCTION encrypt(input RAW) RETURN RAW; 9 10 FUNCTION decrypt(encry_str RAW) RETURN RAW; 11 12* END; SQL> / Package created. SQL>; l 1 CREATE OR REPLACE PACKAGE BODY pkg_secure 2 IS 3 FUNCTION encrypt(input RAW) RETURN RAW 4 IS 5 BEGIN 6 RETURN dbms_crypto.encrypt(input,typ,key); 7 END; 8 FUNCTION decrypt(encry_str RAW ) RETURN RAW 9 IS 10 BEGIN 11 RETURN dbms_crypto.decrypt(encry_str,typ,key); 12 END; 13* END; / Package body created.
因篇幅原因,下篇继续
对不起,这篇文章暂时关闭评论。