PROCEDURE DESENCRYPT
Argument Name
Type
In/Out Default?
------------------------------ ----------------------- ------ --------
INPUT_STRING
VARCHAR2
IN
KEY_STRING
VARCHAR2
IN
ENCRYPTED_STRING
VARCHAR2
OUT
DESENCRYPT过程就是DES的加密过程。其中参数INPUT_STRING是需要加密的字符串,参数KEY_STRING是加密算法的密钥匙,而参数ENCRYPTED_STRING为得到的加密后的字符串。
例子1:
SQL> variable en_in varchar2(100)
SQL> variable en_key varchar2(100)
SQL> variable en_out varchar2(100)
SQL> exec :en_in := 'sunwg'
SQL> exec :en_key := '12345'
SQL> exec dbms_obfuscation_toolkit.DESENCRYPT(INPUT_STRING => :en_in,KEY_STRING => :en_key,ENCRYPTED_STRING => :en_out);
BEGIN dbms_obfuscation_toolkit.DESENCRYPT(INPUT_STRING => :en_in,KEY_STRING => :en_key,ENCRYPTED_STRING => :en_out); END;
*
ERROR at line 1:
ORA-28232: invalid input length for obfuscation toolkit
ORA-06512: at "SYS.DBMS_OBFUSCATION_TOOLKIT_FFI", line 21
ORA-06512: at "SYS.DBMS_OBFUSCATION_TOOLKIT", line 115
ORA-06512: at line 1
例子2:
SQL>exec :en_in := 'sunwgsun'
SQL>exec :en_key := '12345'
SQL> exec dbms_obfuscation_toolkit.DESENCRYPT(INPUT_STRING => :en_in,KEY_STRING => :en_key,ENCRYPTED_STRING => :en_out);
BEGIN dbms_obfuscation_toolkit.DESENCRYPT(INPUT_STRING => :en_in,KEY_STRING => :en_key,ENCRYPTED_STRING => :en_out); END;
*
ERROR at line 1:
ORA-28234: key length too short
ORA-06512: at "SYS.DBMS_OBFUSCATION_TOOLKIT_FFI", line 21
ORA-06512: at "SYS.DBMS_OBFUSCATION_TOOLKIT", line 115
ORA-06512: at line 1
例子3:
SQL> exec :en_in := 'sunwgsun'
SQL> exec :en_key := '12345678'
SQL> exec dbms_obfuscation_toolkit.DESENCRYPT(INPUT_STRING => :en_in,KEY_STRING => :en_key,ENCRYPTED_STRING => :en_out);
PL/SQL procedure successfully completed.
SQL> print en_out
EN_OUT
-------------------------------------------------
6ð?ªä5Ù
SQL> select length(:en_out) from dual;
LENGTH(:EN_OUT)
---------------
8
例子4:
SQL> exec :en_in := 'sunwgsun'
SQL> exec :en_key := '123456789'
SQL> exec dbms_obfuscation_toolkit.DESENCRYPT(INPUT_STRING => :en_in,KEY_STRING => :en_key,ENCRYPTED_STRING => :en_out);
PL/SQL procedure successfully completed.
SQL>print en_out
EN_OUT
-------------------------------------------------
6ð?ªä5Ù
SQL>select length(:en_out) from dual;
LENGTH(:EN_OUT)
---------------
8
例子5:
SQL> exec :en_in := 'sunwgsun'
SQL>exec :en_key := '12345678901234567890'
SQL>exec dbms_obfuscation_toolkit.DESENCRYPT(INPUT_STRING => :en_in,KEY_STRING => :en_key,ENCRYPTED_STRING => :en_out);
PL/SQL procedure successfully completed.
SQL> print en_out
EN_OUT
-------------------------------------------------
6ð?ªä5Ù
SQL>select length(:en_out) from dual;
LENGTH(:EN_OUT)
---------------
8
例子6:
SQL> exec :en_in := 'sunwgsunwg'
SQL> exec :en_key := '12345678'
SQL> exec dbms_obfuscation_toolkit.DESENCRYPT(INPUT_STRING => :en_in,KEY_STRING => :en_key,ENCRYPTED_STRING => :en_out);
BEGIN dbms_obfuscation_toolkit.DESENCRYPT(INPUT_STRING => :en_in,KEY_STRING => :en_key,ENCRYPTED_STRING => :en_out); END;
*
ERROR at line 1:
ORA-28232: invalid input length for obfuscation toolkit
ORA-06512: at "SYS.DBMS_OBFUSCATION_TOOLKIT_FFI", line 21
ORA-06512: at "SYS.DBMS_OBFUSCATION_TOOLKIT", line 115
ORA-06512: at line 1
例子7:
SQL> exec :en_in := 'sunwgsunwgsunwgs'
SQL> exec :en_key := '12345678'
SQL>exec dbms_obfuscation_toolkit.DESENCRYPT(INPUT_STRING => :en_in,KEY_STRING => :en_key,ENCRYPTED_STRING => :en_out);
PL/SQL procedure successfully completed.
SQL> print en_out
EN_OUT
-------------------------------------------------
6ð?ªä5Ù ?õ©P‘ÏT£ SQL>select length(:en_out) from dual;
LENGTH(:EN_OUT)
---------------
16
说明:
(1)
从例子1和例子2可以看出输入的需要加密的字符串长度是有限制的,需要大于等于8的。那是不是所有大于8的都可以呢,不是的。从例子6可以看出长度是10也是不可以的,例子7说明长度是16是允许的。其实长度只要是8的倍数就可以,因为DES加密的第一步就是置位,置位的最少单位是64位,即8个字节。超过8个字符的也会被分割成多个长度为8的字符串进行处理。
(2)
关于加密密钥的长度大家都知道了,应该是不能小于8的,这点从例子2和例子3中也可以看出来。如果大于8呢,大于8也是允许的合法输入。可是从例子3,4,5可以看出来,密钥匙有效的只是前8个字符,后面的全部会被忽略的。所以超过8个字符的密钥也是没有意思的。从这里就可以体现出过程DESGETKEY的重要性了,他可以产生相对人为设置的更加复杂的密钥。
(3)
从例子3和例子7可以看出,加密后的字符串长度等于加密前的字符串长度,都是8的倍数。还是那句话,这是由DES的算法决定的。
|