OraFAQ Forum: Server Administration » masking data in a column

Home » RDBMS Server » Server Administration » masking data in a column

Show: Today's Messages :: Polls :: Message Navigator
E-mail to friend

masking data in a column [message #60407]

Fri, 06 February 2004 00:18

Sean Day
Messages: 7
Registered: October 2003

Junior Member

Is it possible to mask the data in a column with Oracle 9.0.1 Server running on a Solaris Server. I need to be able to have users enter a password pin number but it must be not stored in plain text in the database.

Has anyone done this before?

Any help would be much appreciated.

Sean

Report message to a moderator

Re: masking data in a column [message #60412 is a reply to message #60407]

Fri, 06 February 2004 02:55

Mahesh Rajendran
Messages: 10708
Registered: March 2002
Location: oracleDocoVille

Senior Member
Account Moderator

The oracle built-in package DBMS_OBFUSCATION_TOOLKIT will help you to this.
Please look into it.

Report message to a moderator

Re: masking data in a column [message #60425 is a reply to message #60412]

Fri, 06 February 2004 13:06

andrew again
Messages: 2577
Registered: March 2000

Senior Member

See this whole URL:
http://www.akadia.com/services/ora_important_2001.html#How to store data DES encrypted in Oracle

Or - from oramag:

Be sure to wrap the code. To avoid you mask from being visible in the wrapped code - you can make it from a few appended strings. Remember - whoever knows the decrypt function can get to the data...

create or replace FUNCTION Xorbin(c1 CHAR,c2 CHAR) RETURN CHAR IS
  loop1   NUMBER;
  loop11  NUMBER;
  r1     VARCHAR2(8);
  r2     VARCHAR2(8);
  r3     NUMBER;
  result VARCHAR2(40);
  divis  NUMBER;
BEGIN
  result := '';
  FOR loop1 IN 1..LENGTH(c1) LOOP
    r1 := Convbin(SUBSTR(c1,loop1,1));
    r2 := Convbin(SUBSTR(c2,loop1,1));
    divis := 128;
    r3    := 0;
    FOR loop11 IN 1..8 LOOP
      IF TO_NUMBER(SUBSTR(r1,loop11,1))+TO_NUMBER(SUBSTR(r2,loop11,1))=1 THEN
        r3 := r3 + divis;
      END IF;
      divis := divis / 2;
    END LOOP;
    result := result || CHR(r3);
  END LOOP;
  RETURN(result);
END;
/

create or replace FUNCTION Convbin(c1 CHAR) RETURN CHAR IS
  loop1  NUMBER;
  value NUMBER;
  divis NUMBER;
  r1    VARCHAR2(30);
-- encryption encrypt crypt unencrypt in Oracle

BEGIN
  r1 := '';
  value := ASCII(c1);
  divis := 128;
  FOR loop1 IN 0..7 LOOP
    IF TRUNC(value/divis) = 1 THEN
      r1 := r1 || '1';
    ELSE
      r1 := r1 || '0';
    END IF;
    value := value MOD divis;
    divis := divis / 2;
  END LOOP;
  RETURN r1;
END;
/

-- SET serveroutput ON
-- DECLARE
--   result  VARCHAR2(30);
--   mask    VARCHAR2(30);
-- BEGIN
--   mask    := 'abc'; /* Must be greater or equal to the value that
--                        will be "Crypted" */
--
--   result := XORBIN('ABD',mask);  /* "Crypt" */
--   dbms_output.put_line(result);
--
--   result := XORBIN(result,mask); /* "Unencrypt" */
--   dbms_output.put_line(result);
--
-- END;
-- /

Report message to a moderator

Previous Topic:	Windows 20 versus AIX
Next Topic:	big doubt

Goto Forum:

-=] Back to Top [=-

[ Syndicate this forum (XML) ] [

]

Current Time: Tue Jan 07 21:45:48 CST 2025