A.1. DBMS_OBFUSCATION_TOOLKIT This package is available in Oracle9i Database and above, although it is deprecated in Oracle Database 10g. It provides support for encryption, decryption, key generation, and hashing.
This program generates an encryption key that is cryptographically secure. The key can be used with the Triple Data Encryption Standard (DES3) encryption algorithm, both the two-pass and three-pass variants. It is overloaded as a function and a procedure, and is further overloaded for different datatypes. ProcedureVersion 1 Accepts two input parameters and returns the key in the OUT parameter. Parameter name | Datatype | Description |
---|
which | BINARY_INTEGER | Number of passes for Triple DES algorithm: 1 for two-pass, 2 for three-pass. The default is 1 (two-pass). | seed_string | VARCHAR2 | Seed string to be used in generating the key. | key | VARCHAR2 | The only OUT parameter; the generated key is placed here. |
ProcedureVersion 2 Identical to the first version in that it also accepts two input parameters and returns the key in the OUT parameter. The difference is that the parameters are RAW. Parameter name | Datatype | Description |
---|
which | BINARY_INTEGER | Number of passes for Triple DES algorithm: 1 for two-pass, 2 for three-pass. The default is 1 (two-pass). | seed | RAW | Seed string to be used in generating the key. | key | RAW | The only OUT parameter; the generated key is placed here. |
FunctionVersion 1 Accepts two input parameters and returns the generated key. Returns the key as a VARCHAR2. Parameter name | Datatype | Description |
---|
which | BINARY_INTEGER | Number of passes for Triple DES algorithm: 1 for two-pass, 2 for three-pass. The default is 1 (two-pass). | seed_string | VARCHAR2 | Seed string to be used in generating the key. |
FunctionVersion 2 Identical to the first version, except that it deals with RAW datatypes. Returns the key as a RAW value. Parameter name | Datatype | Description |
---|
which | BINARY_INTEGER | Number of passes for Triple DES algorithm: 1 for two-pass, 2 for three-pass. The default is 1 (two-pass). | seed_string | RAW | Seed to be used in generating the key. |
This program generates the keys for the Data Encryption Standard (DES) algorithm. Like DES3GETKEY, it is overloaded with two procedures and two functions. The parameters are the same, except that there is no which parameter. (The DES algorithm uses only a single pass, so there is no need to have a parameter specify two-pass or three-pass schemes as for DES3.)
This program is used to encrypt input data using the DES3 algorithm. It is overloaded as a function and a procedure, and is further overloaded for different datatypes. ProcedureVersion 1 Accepts four input parameters and returns the encrypted value in the OUT parameter. Parameter name | Datatype | Description |
---|
input_string | VARCHAR2 | Input string to be encrypted. Its length must be a multiple of eight. | key_string | VARCHAR2 | Encryption key. Its length must be a multiple of eight. | encrypted_string | VARCHAR2 | The only OUT parameter; the encrypted value is placed here. | which | BINARY_INTEGER | Number of passes for Triple DES algorithm: 1 for two-pass, 2 for three-pass. The default is 1 (two-pass). | iv_string | VARCHAR2 | Initialization vector. This value is added to the input value to reduce the repetition of encrypted values. It is optional. If used, then the combined length of the input string and the IV must be a multiple of eight. |
ProcedureVersion 2 Identical to the first version, except that it accepts inputs in RAW. Parameter Name | Datatype | Description |
---|
input | RAW | Input string to be encrypted. | key | RAW | Encryption key. | encrypted | RAW | The only OUT parameter; the encrypted value is placed here. | which | BINARY_INTEGER | Number of passes for Triple DES algorithm: 1 for two-pass, 2 for three-pass. The default is 1 (two-pass). | iv | RAW | Initialization vector. This value is added to the input value to reduce the repetition of encrypted values. It is optional. |
FunctionVersion 1 Identical to the procedure version. It accepts four parameters and returns the encrypted value as a VARCHAR2. Parameter name | Datatype | Description |
---|
input_string | VARCHAR2 | Input string to be encrypted. Its length must be a multiple of eight. | key_string | VARCHAR2 | Encryption key. Its length must be a multiple of eight. | which | BINARY_INTEGER | Number of passes for Triple DES algorithm: 1 for two-pass, 2 for three-pass. The default is 1 (two-pass). | iv_string | VARCHAR2 | Initialization vector. This value is added to the input value to reduce the repetition of encrypted values. It is optional. If used, then the combined length of the input string and the IV must be a multiple of eight. |
FunctionVersion 2 Identical to the first version, except that it accepts parameters in RAW and returns the encrypted value as a RAW. Parameter name | Datatype | Description |
---|
input | RAW | Input string to be encrypted. | key | RAW | Encryption key. | which | BINARY_INTEGER | Number of passes for Triple DES algorithm: 1 for two-pass, 2 for three-pass. The default is 1 (two-pass). | iv | RAW | Initialization vector. This value is added to the input value to reduce the repetition of encrypted values. It is optional. |
This program performs encryption for the DES algorithm. It is overloaded and its programs (two procedures and two functions) are identical to DES3ENCRYPT except that there is no which parameter. Because the DES algorithm uses only one pass, there is no need to specify a two- or three-pass scheme as there is with the DES3 algorithm.
This program decrypts an encrypted data using the DES3 algorithm. As with its encryption sister program DES3ENCRYPT, it is overloaded as a function and a procedure, and is further overloaded for different datatypes. ProcedureVersion 1 Accepts four input parameters and returns the decrypted value in the OUT parameter. Parameter name | Datatype | Description |
---|
input_string | VARCHAR2 | Encrypted string to be decrypted. | key_string | VARCHAR2 | Encryption key; this must be the same one used during encryption. | decrypted_string | VARCHAR2 | The only OUT parameter; the decrypted value is placed here. | which | BINARY_INTEGER | Number of passes for Triple DES algorithm: 1 for two-pass, 2 for three-pass. The default is 1 (two-pass). | iv_string | VARCHAR2 | Initialization vector. This value is added to the input value to reduce the repetition of encrypted values. It is optional, but if an IV was used during encryption, it must be specified for decryption as well. |
ProcedureVersion 2 Identical to the first version, except that it accepts inputs in RAW. Parameter name | Datatype | Description |
---|
input | RAW | Encrypted value to be decrypted. | key | RAW | Encryption key that was used during encryption. | decrypted_data | RAW | The only OUT parameter; the decrypted value is placed here. | which | BINARY_INTEGER | Number of passes for Triple DES algorithm: 1 for two-pass, 2 for three-pass. The default is 1 (two-pass). | iv | RAW | Initialization vector. This value is added to the input value to reduce repetition of encrypted values. It is optional, but if an IV was used during encryption, it must be specified for decryption as well. |
FunctionVersion 1 Identical to the procedure version. It accepts four parameters and returns the decrypted value in VARCHAR2. Parameter name | Datatype | Description |
---|
input_string | VARCHAR2 | Input string to be decrypted. | key_string | VARCHAR2 | Encryption key; must be the same one used during encryption. | which | BINARY_INTEGER | Number of passes for Triple DES algorithm: 1 for two-pass, 2 for three-pass. The default is 1 (two-pass). | iv_string | VARCHAR2 | Initialization vector. This value is added to the input value to reduce the repetition of encrypted values. This parameter must be specified if it was used during encryption, and it must be the same value used for encryption. |
FunctionVersion 2 Identical to the first version, except that it accepts parameters in RAW and returns the decrypted value in RAW. Parameter name | Datatype | Description |
---|
input_string | RAW | Input string to be decrypted. | key_string | RAW | Encryption key; must be the same one used during encryption. | which | BINARY_INTEGER | Number of passes for Triple DES algorithm: 1 for two-pass, 2 for three-pass. The default is 1 (two-pass). | iv_string | RAW | Initialization vector. This value is added to the input value to reduce the repetition of encrypted values. This parameter must be specified if it was used during encryption, and it must be the same value used for encryption. |
This program performs encryption for the DES algorithm. Like DES3DECRYPT, it is overloaded and its programs (two procedures and two functions) are identical to DES3ENCRYPT except that there is no which parameter. Because the DES algorithm uses only one pass, there is no need to specify a two- or three-pass scheme as there is with the DES3 algorithm.
This program is used to produce a Message Digest 5 (MD5) hash value of an input value. It is overloaded as a function and a procedure, and is further overloaded for different datatypes. ProcedureVersion 1 Accepts one input parameter and returns the hash value in the OUT parameter. Parameter name | Datatype | Description |
---|
input_string | VARCHAR2 | String whose hash value is to be calculated | checksum_string | VARCHAR2 | OUT parameter where the hash value is returned |
ProcedureVersion 2 Identical to the first version, except that the datatypes are RAW. Parameter name | Datatype | Description |
---|
input | RAW | Value whose hash value is to be calculated | checksum | RAW | OUT parameter where the hash value is returned |
FunctionVersion 1 Accepts one input parameter. Returns the hash value as a 16-byte VARCHAR2 value. Parameter name | Datatype | Description |
---|
input_string | VARCHAR2 | String whose hash value is to be calculated |
FunctionVersion 2 Accepts one input parameter. Returns the hash value as a 16-byte RAW value. Parameter Name | Datatype | Description |
---|
input | RAW | Value whose hash value is to be calculated |
|