segunda-feira, 6 de dezembro de 2010

Criptografia

Código:

 

declare
  function digest( p_username in varchar2, p_password in varchar2 ) return varchar2
  is
  begin
    return ltrim( to_char( dbms_utility.get_hash_value(
      upper(p_username)||'/'||upper(p_password),
      1000000000,
      power(2,30) ),
      rpad( 'X',29,'X')||'X' ) );
  end digest;
begin
  for x in ( select username from all_users where rownum < 20 )
  loop
    dbms_output.put_line( 'User: ' || rpad( x.username , 30 ) ||
                          ' digest: ' || digest( x.username, 'TIGER' )
    );
  end loop;
end;
/
User: SYS                            digest: 6869FA1A
User: SYSTEM                         digest: 79F08AFC
User: OUTLN                          digest: 5ABFB255
User: DBSNMP                         digest: 43415F6B
User: TRACESVR                       digest: 49CF26F6
User: CTXSYS                         digest: 4910C297
User: OEM                            digest: 69463BC2
User: ORDSYS                         digest: 6F048B2B
User: ORDPLUGINS                     digest: 6547459C
User: MDSYS                          digest: 43C0B367
User: AURORA$ORB$UNAUTHENTICATED     digest: 5073BBFC
User: WEB$CDEJESUS                   digest: 6FB5CDB6
User: SCOTT                          digest: 4307767C
User: WEB$SMAYFIEL                   digest: 71ED5065
User: UTILS                          digest: 5B7912B7
User: OAS_PUBLIC                     digest: 502BAE3A
User: WEBDB                          digest: 5A7AC149
User: WEB$RDRISCOL                   digest: 3E72D3F6
User: WEB$KWARREN                    digest: 7123F5A1

PL/SQL procedure successfully completed.




Agora, se você quer criptografar E descriptografar informações (por exemplo, a coluna de salários dos funcionários). Daí você pode usar uma DBMS do oracle. A Obfuscation toolkit. Este exemplo também foi tirado do asktom...
http://asktom.oracle.com/pls/ask/f?p=4950:8:::::F4950_P8_DISPLAYID:791026226790

Código:

 

ops$tkyte@DEV816> variable x varchar2(25)
ops$tkyte@DEV816>
ops$tkyte@DEV816> exec :x := 'How Now Brown Cow';

PL/SQL procedure successfully completed.

ops$tkyte@DEV816>
ops$tkyte@DEV816> declare
  2      l_data  varchar2(255);
  3  begin
  4      l_data := rpad( :x, (trunc(length(:x)/8)+1)*8, chr(0) );
  5 
  6      dbms_obfuscation_toolkit.DESEncrypt
  7          ( input_string => l_data,
  8        key_string   => 'MagicKey',
  9        encrypted_string=> :x );
10  end;
11  /

PL/SQL procedure successfully completed.

ops$tkyte@DEV816>
ops$tkyte@DEV816> print x

X
-------------------------
Òr
=ðÝw]ð‘SWñ:ÝÐôÊ?T¬

ops$tkyte@DEV816>
ops$tkyte@DEV816> declare
  2      l_data  varchar2(255);
  3  begin
  4      dbms_obfuscation_toolkit.DESDecrypt
  5          ( input_string => :x,
  6        key_string   => 'MagicKey',
  7        decrypted_string=> l_data );
  8 
  9      :x := rtrim( l_data, chr(0) );
10  end;
11  /

PL/SQL procedure successfully completed.

ops$tkyte@DEV816>
ops$tkyte@DEV816> print x

X
-------------------------
How Now Brown Cow


A "MagicKey" que você deve criar a sua própria. Se alguém descobrir, conseguirá descriptografar sua informação. Por isso, o ideal é criptografar a sua procedure com o WRAP.

Nenhum comentário :

Postar um comentário

Related Posts Plugin for WordPress, Blogger...