Oracle PL/SQL code encryption and decryption

Source: Internet
Author: User

Using Oracle PL/SQL code encryption to protect the business logic is very useful in some scenarios. The following is a simple arrangement:

1. Use the Wrap command to encrypt

2. Use the dbms_ddl package for encryption

Iii. Oracle encryption principles

4. Encryption Code cracking

1. Use the Wrap command to encrypt

1. Create an example file pro_wrap. SQL

create or replace procedure pro_wrap isbegin   dbms_output.put_line('Wrap Demo');end pro_wrap;
2. Use the wrap command to generate pld Encrypted Files

Wrap iname = c: \ pk \ pro_wrap. SQL oname = c: \ pk \ pro_wrap.plb

C: \ pk> wrap iname = c: \ pk \ pro_wrap. SQL oname = c: \ pk \ pro_wrap.plbPL/SQL Wrapper: Release 11.2.0.1.0-64bit Production on Tuesday March 25 21:58:20 2014 Copyright (c) 1993,200 9, Oracle. all rights reserved. processing c: \ pk \ pro_wrap. SQL to c: \ pk \ pro_wrap.plb
3. Use the encrypted file pro_wrap.pld to generate a stored procedure

C: \ pk> sqlplus/as sysdbaSQL * Plus: Release 11.2.0.1.0 Production on Tuesday March 25 22:17:19 2014 Copyright (c) 1982,201 0, Oracle. all rights reserved. connect to: Oracle Database 11g Enterprise Edition Release 11.2.0.1.0-64bit ProductionWith the Partitioning, OLAP, Data Mining and Real Application Testing optionsSQL> set serveroutput onSQL> @ c: the \ pk \ pro_wrap.plb process has been created. SQL> exec pro_wrap; the Wrap DemoPL/SQL process has been completed successfully.
The exec test shows that the stored procedure is successfully executed.

4. verify whether the code is encrypted.

SQL> set newpage noneSQL> set heading offSQL> set space 0SQL> set pagesize 0SQL> set trimout onSQL> set trimspool onSQL> set linesize 2500SQL> SELECT dbms_metadata.get_ddl('PROCEDURE','PRO_WRAP') FROM dual;  CREATE OR REPLACE PROCEDURE "SYS"."PRO_WRAP" wrappeda000000354abcdabcdabcdabcdabcdabcdabcdabcdabcdabcdabcdabcdabcdabcdabcd750 8dcKb3/QEp0AIWOH/IyhxS2ffLbrUwg5nnm7+fMr2ywFwWFpfQlpbyVmmldIvAwDL+0oYJaWm4UpuySv4osr3nsrMdBjAsriTqsoG4yGWcd2jPMi720eokHwKpyrXOpcrGpvY5pg2Gb0c=
We can see that the garbled characters are encrypted.


II. Use the dbms_ddl package for encryption

Wrap is a command line method, while dbms_ddl package is a code encryption package provided at the beginning of 10 Gb, which can be called in the Code and is more flexible.

Use desc dbms_dll to view the specific process name and parameters. Here is a simple example to encrypt a piece of code:

SQL> declare 2 v_ SQL varchar2 (1024); 3 v_wrap varchar2 (1024); 4 begin 5 6 v_ SQL: = 'create or replace procedure pro_wrap is 7 begin 8 dbms_output.put_line (\ ''wrap Demo \ ''); 9 end pro_wrap; '; 10 11 select dbms_ddl.wrap (v_ SQL) into v_wrap from dual; 12 dbms_output.put_line ('=================== '); 13 dbms_output.put_line (v_ SQL); 14 dbms_output.put_line ('=============== '); 15 dbms_ou Tput. put_line (v_wrap); 16 end; 17 // ======================== create or replace procedure pro_wrap is begin dbms_output.put_line (\ 'Wrap demo \'); end pro_wrap; ============================ create or replace procedure pro_wrap when creating + rules/tKGBsNpabhSm7JK/iiyveeysx0GMCyuJ OrwBIG4yPKcd2jkBDIu9tHc6iQfAqnKtc6lysam9kQ5phYZH50 = PL/SQL process completed successfully.
We can see that the code before and after direct encryption is quite different.


Iii. Oracle encryption principles

The wrap process of Oracle 10g PL/SQL is to compress lzstr on the source code lz first, and then compress the data into SHA-1 to obtain a 40-bit encrypted string shstr, then, the encrypted string and the compressed string are spliced to get shstr + lzstr. Then, Oracle dual-character conversion (conversion table) is performed on the concatenated string, and the converted string is base64-encoded, finally, the encrypted string of the wrap is obtained.

4. Encryption Code cracking

Read master articles

Oracle10g unwrap technical analysis By GENXOR
Http://blogs.360.cn/blog/oracle10g-unwrap%E6%8A%80%E6%9C%AF%E5%88%86%E6%9E%90-by-genxor/


MAIL: xcl_168@aliyun.com

BLOG: http://blog.csdn.net/xcl168


Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.