| Decrypt programmatically when TDE is enabled [message #689413] |
Fri, 15 December 2023 10:00 |
 |
lodimas
Messages: 5
Registered: September 2023
|
Junior Member |
|
|
I need to decrypt programmatically an encrypted column value. I have access to the RAW encrypted value as stored in redo logs.
Using view ENC$, I can know which the encryption key (column COLKLC) is to decrypt this column value. But this key is encrypted. I also know it is encrypted using a master key in my wallet (indicated by column MKEYID in ENC$ view).
Using Oracle's tool mkstore, I can obtain the master key.
Still, I am finding hard to put together all this information. Master key is longer than 32 characters, and, thus, I don't know how to use it. Should I pick the first 32 characters? Also, I don't know how to decrypt the table key using the master key. Is it encrypted using AES256?
I would appreciate if somebody can help me to glue all these pieces. Some sample code in any non-SQL language would be very helpful (I am not intending to decrypt inside Oracle).
Not sure if posting in the correct forum...
Thank you!
|
|
|
|
] 
Blog
Search
Help
Members
Register
Login
Home
