Oracle 10g 加密包 DBMS_CRYPTO

Oracle DBMS_CRYPTO

Version 10.2

General Information

Source

{ORACLE_HOME}/rdbms/admin/dbmsobtk.sql

Algorithm Constants

Name	Data Type	Value
Hash Functions
HASH_MD4 (128 bit hash)	PLS_INTEGER	1
HASH_MD5 (128 bit hash)	PLS_INTEGER	2
HASH_SH1 (160 bit hash)	PLS_INTEGER	3
MAC Functions
HMAC_MD5 (128 bit hash)	PLS_INTEGER	1
HMAC_SH1 (160 bit hash)	PLS_INTEGER	2
Block Cipher Algorithms
ENCRYPT_DES (56 bit)	PLS_INTEGER	1; -- 0x0001
ENCRYPT_3DES_2KEY (128 bit)	PLS_INTEGER	2; -- 0x0002
ENCRYPT_3DES	PLS_INTEGER	3; -- 0x0003
ENCRYPT_AES128 (128 bit)	PLS_INTEGER	6; -- 0x0006
ENCRYPT_AES192 (192 bit)	PLS_INTEGER	7; -- 0x0007
ENCRYPT_AES256 (256 bit)	PLS_INTEGER	8; -- 0x0008
ENCRYPT_RC4 (Stream Cipher)	PLS_INTEGER	129; -- 0x0081
Block Cipher Chaining Modifiers
CHAIN_CBC (Cipher Block Chaining)	PLS_INTEGER	256; -- 0x0100
CHAIN_CFB (Cipher Feedback)	PLS_INTEGER	512; -- 0x0200
CHAIN_ECB (Electronic cookbook)	PLS_INTEGER	768; -- 0x0300
CHAIN_OFB (Output Feedback)	PLS_INTEGER	1024; -- 0x0400
Block Cipher Padding Modifiers
PAD_PKCS5 (Complies with PKCS #5)	PLS_INTEGER	4096; -- 0x1000
PAD_NONE (No Dadding)	PLS_INTEGER	8192; -- 0x2000
PAD_ZERO (Pad with Zeros)	PLS_INTEGER	12288; -- 0x3000
Block Ciphers Suites
DES_CBC_PKCS5	PLS_INTEGER	ENCRYPT_DES + CHAIN_CBC + PAD_PKCS5;
DES3_CBC_PKCS5	PLS_INTEGER	ENCRYPT_3DES + CHAIN_CBC + PAD_PKCS5;

Dependencies

DBMS_CRYPTO_FFI	DECRYPTBYTES	ENCRYPTBYTES
DECRYPT	ENCRYPT	UTL_RAW

Exceptions

Error Code	Reason
28827	The specified cipher suite is not defined
28829	No value has been specified for the cipher suite to be used
28233	Source data was previously encrypted
28234	DES: Specified key size too short. DES keys must be at least 8 bytes (64 bits). AES: Specified key size is not supported. AES keys must be 128, 192, or 256 bits
28239	The encryption key has not been specified or contains a NULL value

DECRYPT

Decrypt crypt text data using stream or block cipher with user supplied key and optional iv

Overload 1

dbms_crypto.decrypt(src IN RAW, typ IN PLS_INTEGER, key IN RAW,
iv IN RAW DEFAULT NULL) RETURN RAW;

See Encrypt Overload 1 demo

Overload 2

dbms_crypto.decrypt(dst IN OUT NOCOPY BLOB, src IN BLOB,
typ IN PLS_INTEGER, key IN RAW, iv IN RAW DEFAULT NULL);

Overload 3

dbms_crypto.decrypt (dst IN OUT NOCOPY CLOB CHARACTER SET ANY_CS,
src IN BLOB, typ IN PLS_INTEGER, key IN RAW,
iv IN RAW DEFAULT NULL);

ENCRYPT

Encrypt plain text data using stream or block cipher with user supplied key and optional iv

Overload 1

dbms_crypto.encrypt(src IN RAW, typ IN PLS_INTEGER, key IN RAW,
iv IN RAW DEFAULT NULL) RETURN RAW;

set serveroutput on

DECLARE
l_credit_card_no VARCHAR2(19) := '1234-5678-9012-3456';
l_ccn_raw RAW(128) := utl_raw.cast_to_raw(l_credit_card_no);
l_key RAW(128) := utl_raw.cast_to_raw('abcdefgh');

l_encrypted_raw RAW(2048);
l_decrypted_raw RAW(2048);
BEGIN
dbms_output.put_line('Original : ' || l_credit_card_no);

l_encrypted_raw := dbms_crypto.encrypt(l_ccn_raw,
dbms_crypto.des_cbc_pkcs5, l_key);

dbms_output.put_line('Encrypted : ' ||
RAWTOHEX(utl_raw.cast_to_raw(l_encrypted_raw)));

l_decrypted_raw := dbms_crypto.decrypt(src => l_encrypted_raw,
typ => dbms_crypto.des_cbc_pkcs5, key => l_key);

dbms_output.put_line('Decrypted : ' ||
utl_raw.cast_to_varchar2(l_decrypted_raw));
END;
/

set serveroutput on

DECLARE
enc_val   RAW(2000);
l_key     RAW(2000);
l_key_len NUMBER := 128/8; -- convert bits to bytes
l_mod     NUMBER := dbms_crypto.ENCRYPT_AES128
+ dbms_crypto.CHAIN_CBC + dbms_crypto.PAD_PKCS5;

BEGIN
l_key := dbms_crypto.randombytes(l_key_len);

enc_val := dbms_crypto.encrypt(
utl_i18n.string_to_raw('1234-5678-9012-3456', 'AL32UTF8'),
l_mod, l_key);

dbms_output.put_line(enc_val);
END;
/

Overload 2

dbms_crypto.encrypt(dst IN OUT NOCOPY BLOB, src IN BLOB,
typ IN PLS_INTEGER, key IN RAW, iv IN RAW DEFAULT NULL);

Overload 3

dbms_crypto.encrypt(dst IN OUT NOCOPY BLOB,
src IN CLOB CHARACTER SET ANY_CS, typ IN PLS_INTEGER, key IN RAW, iv IN RAW DEFAULT NULL);

dbms_crypto.encrypt(UTL_RAW.CAST_TO_RAW(CONVERT('XXX','AL32UTF8')),typ,key);

HASH

Hash source data by cryptographic hash type

Overload 1

dbms_crypto.hash(src IN RAW, typ IN PLS_INTEGER) RETURN RAW;

Overload 2

dbms_crypto.hash(src IN BLOB, typ IN PLS_INTEGER) RETURN RAW;

Overload 3

dbms_crypto.hash(src IN CLOB CHARACTER SET ANY_CS,
typ IN PLS_INTEGER) RETURN RAW;

MAC

Message Authentication Code algorithms provide keyed message protection

Overload 1

dbms_crypto.mac(src IN RAW, typ IN PLS_INTEGER, key IN RAW)
RETURN RAW;

Overload 2

dbms_crypto.mac(src IN BLOB, typ IN PLS_INTEGER, key IN RAW)
RETURN RAW;

Overload 3

dbms_crypto.mac(src IN CLOB CHARACTER SET ANY_CS,
typ IN PLS_INTEGER, key IN RAW) RETURN RAW;

RANDOMBYTES

Returns a raw value containing a pseudo-random sequence of bytes

dbms_crypto.randomnytes(number_bytes PLS_INTEGER) RETURN RAW;

SELECT dbms_crypto.randombytes(1) FROM dual;
SELECT LENGTH(dbms_crypto.randombytes(1)) FROM dual;

SELECT dbms_crypto.randombytes(28) FROM dual;
SELECT LENGTH(dbms_crypto.randombytes(28)) FROM dual;

SELECT dbms_crypto.randombytes(64) FROM dual;
SELECT LENGTH(dbms_crypto.randombytes(64)) FROM dual;

RANDOMINTEGER

Returns a random BINARY_INTEGER

dbms_crypto.randominteger RETURN NUMBER;

SELECT dbms_crypto.randominteger FROM dual;

RANDOMNUMBER

Returns a random Oracle Number

dbms_crypto.randomnumber RETURN NUMBER;

SELECT dbms_crypto.randomnumber FROM dual;

相关阅读:
RabbitMQ系列（四）RabbitMQ事务和Confirm发送方消息确认——深入解读
 RabbitMQ系列（三）RabbitMQ交换器Exchange介绍与实践
 RabbitMQ系列（二）深入了解RabbitMQ工作原理及简单使用
 MyEclipse2017破解设置与maven项目搭建
 带你玩转七牛云存储——高级篇
 RabbitMQ系列（一）RabbitMQ在Ubuntu上的环境搭建
 ubuntu搭建nodejs生产环境——快速部署手册
 基于python的图片修复程序-可用于水印去除
 超简单的视频对象提取程序
 Ubuntu apt-get和pip国内源更换
原文地址：https://www.cnblogs.com/SharkXu/p/DBMS_Crypto.html