Oracle DBMS_TDE_TOOLKIT_FFI
Version 19c

General Information
Library Note Morgan's Library Page Header
Which has the higher priority in your organization: Deploying a new database or securing the ones you already have? Looking for a website, and resources, dedicated solely to securing Oracle databases? Check out DBSecWorx.
Purpose Utilities supporting Transparent Data Encryption and DataPump
AUTHID DEFINER
Dependencies
DBMS_TDE_TOOLKIT TDE_LIBRARY  
Documented No
First Available Not known
Security Model Owned by SYS with no privileges granted
Source {ORACLE_HOME}/rdbms/admin/prvtdtde.plb
Subprograms
 
DATAPUMP_DECRYPT
Decrypts strings for DataPump dbms_tde_toolkit.datapump_encrypt(
instring  IN  RAW,
outstring OUT RAW,
keyid     IN  RAW);
-- the use of StrPt1 to 3 is for webpage formatting only. The string used for testing is the one generated by the encrypt procedure below

DECLARE
 StrPt1  VARCHAR2(40) := '851714F5659E6983D619C768CC5F47CC818351EC';
 StrPt2  VARCHAR2(40) := '9F4809184EE13C2E9ECB490881D454B336E194A0';
 StrPt3  VARCHAR2(40) := 'AB47D616703F598F885AC1575437EF326A3';
 TestStr VARCHAR2(128) := StrPt1 || StrPt2 || StrPt3;
 TestVal RAW(128) := utl_raw.cast_to_raw(TestStr);
 RetKey  RAW(128) := utl_raw.cast_to_raw('abcdefgh');
 RetStr  RAW(2000);
BEGIN
  dbms_tde_toolkit_ffi.datapump_encrypt(TestVal, RetStr, RetKey);
  dbms_output.put_line(RetStr);
END;
/
 
DATAPUMP_ENCRYPT
Encrypts strings for DataPump dbms_tde_toolkit.datapump_decrypt(
instring  IN  RAW,
outstring OUT RAW,
keyid     OUT RAW);
conn / as sysdba

set serveroutput on

DECLARE
 l_credit_card_no VARCHAR2(19) := '1612-1791-1809-2605';
 l_ccn_raw RAW(128) := utl_raw.cast_to_raw(l_credit_card_no);
 RetKey    RAW(128);
 RetStr    RAW(128);
BEGIN
  dbms_tde_toolkit_ffi.datapump_encrypt(l_ccn_raw, RetStr, RetKey);
  dbms_output.put_line(RetStr);
  dbms_output.put_line(RetKey);
END;
/
-- the following exception is generated if a wallet does not exist or is not open
DECLARE
*
ERROR at line 1:
ORA-28365: wallet is not open
ORA-06512: at "SYS.DBMS_TDE_TOOLKIT_FFI", line 5
ORA-06512: at line 7


-- for instructions on creating a wallet follow the link at page bottom
ALTER SYSTEM SET ENCRYPTION WALLET OPEN IDENTIFIED BY "N0way!";

DECLARE
 l_credit_card_no VARCHAR2(19) := '1612-1791-1809-2605';
 l_ccn_raw RAW(128) := utl_raw.cast_to_raw(l_credit_card_no);
 RetKey    RAW(128);
 RetStr    RAW(128);
BEGIN
  dbms_tde_toolkit_ffi.datapump_encrypt(l_ccn_raw, RetStr, RetKey);
  dbms_output.put_line(RetStr);
  dbms_output.put_line(RetKey);
END;
/

Related Topics
Built-in Functions
Built-in Packages
DBMS_CRYPTO
DBMS_TDE_TOOLKIT
Packages
Security
Transparent Data Encryption
Wallet
What's New In 19c
What's New In 20c-21c

Morgan's Library Page Footer
This site is maintained by Dan Morgan. Last Updated: This site is protected by copyright and trademark laws under U.S. and International law. © 1998-2019 Daniel A. Morgan All Rights Reserved
  DBSecWorx