Oracle Data encryption Method Analysis _oracle

An example of this article describes Oracle data encryption methods. Share to everyone for your reference, specific as follows:

Using MD5 encoding to encrypt database user password fields

First, the preface

As we all know, MD5 is currently the most widely used password protection method, the code legend is an irreversible encryption code (that is, never capitalize the original code). Using MD5 encryption User's operation password, can effectively prevent system maintenance personnel to enter the database directly when the system security vulnerabilities (directly using the SELECT statement query, the User password field can only see garbled, or "* * *")

Here for password field encryption, as an example, I hope to give you the system construction process to bring help.

Second, technical points

1. Dbms_obfuscation_toolkit. MD5

Dbms_obfuscation_toolkit. MD5 is a MD5 encoded packet function, but I am using select Dbms_obfuscation_toolkit. MD5 (input_string => ' abc ') A from dual, it appears that the function can only be invoked directly in the package and cannot be applied directly to the SELECT statement.

2. Utl_raw.cast_to_raw

Dbms_obfuscation_toolkit. MD5 returns the string, is the Raw type, to be properly displayed, requires a utl_raw.cast_to_raw conversion

Create or Replace package test_md5 as
  function fn_getmd5 (p_str in varchar2) return
    varchar2;
  function Fn_checkuser (p_username in Varchar2,p_password on VARCHAR2) return number
    ;
End;
Create or replace package body test_md5 as
  function fn_getmd5 (P_str into varchar2) return
    varchar2 as
  begin
   return Dbms_obfuscation_toolkit. MD5 (
      input_string => Upper (P_STR)
    );
  End;
  function Fn_checkuser (p_username in Varchar2,p_password on VARCHAR2) return number is
    L_password varchar (1000);
  Begin
    Select password into L_password from Test_user
    where Upper (username) =upper (p_username) and password= Test_md5. FN_GETMD5 (P_password);
    If L_password is null Then return
      0;
    else return
      1;
    End If;
    Exception when
    No_data_found then return
      3;
  End;
End

Test:

Delete Test_user;
Insert into Test_user Values (' A ', test_md5. FN_GETMD5 (' AA '));
Insert into Test_user Values (' B ', test_md5. FN_GETMD5 (' BB '));
SELECT * from Test_user;
Select test_md5. Fn_checkuser (' A ', ' AA ') from Dual;
Select test_md5. Fn_checkuser (' A ', ' BB ') from Dual;
SELECT * from Test_user t where T.PASSWORD=TEST_MD5.FN_GETMD5 (' AA ')

More readers interested in Oracle-related content can view the site topics: "Oracle Common Functions Summary", "Oracle Date and time Operation skills Summary" and "Php+oracle Database programming Skills Summary"

I hope this article will help you with your Oracle database program design.