|
Beveiliging in Oracle 10g - DBMS_CRYPTO |
Het pakket DBMS_CRYPTO is een vervanging van het pakket DBMS_OBFUSCATION_TOOLKIT beschikbaar in Oracle 8i en 9i. Het nieuwe pakket is gemakkelijker te gebruiken en bevat meer cryptografische algoritmen:
- Cryptographic algorithms - DES, 3DES, AES, RC4, 3DES_2KEY
- Padding forms - PKCS5, zeroes
- Block cipher chaining modes - CBC, CFB, ECB, OFB
- Cryptographic hash algorithms - MD5, SHA-1, MD4
- Keyed hash (MAC) algorithms - HMAC_MD5, HMAC_SH1
- Cryptographic pseudo-random number generator - RAW, NUMBER, BINARY_INTEGER
- Database types - RAW, CLOB, BLOB
Een eenvoudig voorbeeld van het is gebruik is:
SET SERVEROUTPUT ON
DECLARE
l_credit_card_no VARCHAR2(19) := '1234 5678 9012 3456';
l_ccn_rawRAW(128) := UTL_RAW.cast_to_raw(l_credit_card_no);
l_key RAW(128) := UTL_RAW.cast_to_raw('abcdefgh');
l_encrypted_raw RAW(2048);
l_decrypted_raw RAW(2048);
BEGIN
DBMS_OUTPUT.put_line('Original : ' || l_credit_card_no);
l_encrypted_raw := DBMS_CRYPTO.encrypt(src => l_ccn_raw,
typ => DBMS_CRYPTO.des_cbc_pkcs5,
key => l_key);
DBMS_OUTPUT.put_line('Encrypted : ' || RAWTOHEX(UTL_RAW.cast_to_raw(l_encrypted_raw)));
l_decrypted_raw := DBMS_CRYPTO.decrypt(src => l_encrypted_raw,
typ => DBMS_CRYPTO.des_cbc_pkcs5,
key => l_key); DBMS_OUTPUT.put_line('Decrypted : ' || UTL_RAW.cast_to_varchar2(l_decrypted_raw));
END;
/
Original : 1234 5678 9012 3456
Encrypted : 3041423134363932354234374545463631304337384433354443433736323331354244454237324635314545
Decrypted : 1234 5678 9012 3456
PL/SQL procedure successfully completed.
Zie ook
|
|
|
