--0-783368690-962131458=:7596
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Anyone has used this package???
Note: forwarded message attached.
Ashish
Toronto, Canada
Do You Yahoo!?
Get Yahoo! Mail - Free email you can access from anywhere!
http://mail.yahoo.com/
--0-783368690-962131458=:7596
Content-Type: message/rfc822
X-Apparently-To: ar_shah_at_yahoo.com via web705.mail.yahoo.com
Received: from web613.mail.yahoo.com (216.115.104.82)
by mta224.mail.yahoo.com with SMTP; 27 Jun 2000 11:32:59 -0700 (PDT)
Message-ID: <20000627183248.18396.qmail_at_web613.mail.yahoo.com>
Received: from [163.188.121.5] by web613.mail.yahoo.com; Tue, 27 Jun 2000 11:32:48 PDT
Date: Tue, 27 Jun 2000 11:32:48 -0700 (PDT)
From: yong huang <yong321_at_yahoo.com>
Subject: Re: Encryption
To: Ashish Shah <ar_shah_at_yahoo.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Length: 5943
Ashish,
Sorry I can't help. In fact I never used this package because we're still using
Oracle 8.1.5 here. That package is available only for 8.1.6. I read about that
package and think it's a very good one. For now, I can only use the
dbms_utility.get_hash_value as shown at
http://osi.oracle.com/~tkyte/Misc/Passwords.html
You're using 8.1.6, aren't you? BTW, when you install it, did you login as sys?
Yong Huang
- Ashish Shah <ar_shah_at_yahoo.com> wrote:
> Thanks for the info.
>
> To get this packg in dbs I ran
> dbmsobtk.sql
> prvtobtk.plb
> from ../rdbms/admin/
>
> Do I need to do anything else? Bcoz When i
> try to use it i am getting "can not find program
> unit being called" error..
>
> Thanks.
>
> --- yong huang <yong321_at_yahoo.com> wrote:
> >
> http://dan.emsphone.com/oracle/server.816/a76936/dbms_obf.htm#6518
> >
> > or technet.oracle.com.
> >
> > Yong
> >
> > --- Ashish Shah <ar_shah_at_yahoo.com> wrote:
> > > How do I find information on
> > dbms_obfuscation_toolkit
> > > package?? I couldn't find any doc on this...
> > >
> > > TIA
> > >
> > > Ashish
> > > --- Jared Still <jkstill_at_bcbso.com> wrote:
> > > >
> > > > More on Oracle's DES implementation if you are
> > still
> > > > interested.
> > > >
> > > > In experimenting with different key lengths, I
> > found
> > > > that Oracle's
> > > > DES implementation inconsistently produced bad
> > > > results with key
> > > > lengths < 8 characters.
> > > >
> > > > With certains keys, some arbitrary key lengths (
> > a
> > > > substring of
> > > > a longer key ) would produce correct results,
> > while
> > > > others
> > > > would not.
> > > >
> > > > Alas, I inadvertently deleted the file that had
> > that
> > > > key and
> > > > have not been able to reproduce that particular
> > > > problem.
> > > >
> > > >
> > > > Below is a script that will run keys from 1 to
> > 56
> > > > characters.
> > > >
> > > > I'd be interested in seeing results from others
> > on
> > > > this if
> > > > you are interested in playing with it.
> > > >
> > > > Jared
> > > >
> > > >
> > > > -- runs DES against a 24 byte string using key
> > > > strings
> > > > -- from 1 to 56 characters
> > > > --
> > > >
> > > >
> > > > drop table des_keylen_test;
> > > >
> > > > create table des_keylen_test (
> > > > keylen number(3,0) not null,
> > > > input varchar2(24) not null,
> > > > success_ind varchar2(1) not null,
> > > > output varchar2(24),
> > > > cipher_text varchar2(24)
> > > > )
> > > > /
> > > >
> > > >
> > > > declare
> > > > key varchar2(56) := 'this is a 56 bit key used
> > to
> > > > test key various lengths';
> > > > v_input_string varchar2(24) := 'this is 24
> > > > characters';
> > > > v_output_string varchar2(24);
> > > > v_key_string varchar2(56);
> > > > v_encrypted_string varchar2(100);
> > > >
> > > > begin
> > > >
> > > >
> > > > for len in 1 .. 56
> > > > loop
> > > >
> > > > v_key_string := substr(key,1,len);
> > > > v_output_string := '';
> > > >
> > > > begin
> > > > dbms_output.put( 'key len: ' || len || ' - '
> > );
> > > >
> > > > dbms_obfuscation_toolkit.desencrypt(
> > > > input_string => v_input_string,
> > > > key_string => v_key_string,
> > > > encrypted_string => v_encrypted_string
> > > > );
> > > >
> > > > dbms_obfuscation_toolkit.desdecrypt(
> > > > input_string => v_encrypted_string,
> > > > key_string => v_key_string,
> > > > decrypted_string => v_output_string
> > > > );
> > > >
> > > > dbms_output.put_line( v_output_string );
> > > >
> > > > insert into des_keylen_test ( keylen, input,
> > > > output, cipher_text, success_ind )
> > > > values( len, v_input_string, v_output_string,
> > > > v_encrypted_string, 'Y' );
> > > >
> > > > exception
> > > > when others then
> > > > insert into des_keylen_test ( keylen, input,
> > > > success_ind )
> > > > values( len, v_input_string, 'N' );
> > > > end;
> > > >
> > > > end loop;
> > > >
> > > > commit;
> > > >
> > > > end;
> > > > /
> > > >
> > > >
> > > > spool des_keylen_test.log
> > > > set term off
> > > > select * from des_keylen_test;
> > > > set term on
> > > > spool off
> > > >
> > > > ed des_keylen_test.log
> > > >
> > > >
> > > >
> > > > On Sun, 25 Jun 2000, yong huang wrote:
> > > >
> > > > > Thomas Kyte has a short, concise article
> > showing
> > > > how to encrypt / "decrypt"
> > > > > strings in Oracle 8.1.5 and lower version:
> > > > >
> > http://osi.oracle.com/~tkyte/Misc/Passwords.html
> > > > >
> > > > > For Oracle 8.1.6, the manual says the 56-bit
> > > > restriction on the DES encryption
> > > > > key length is required by US export law. Note
> > this
> > > > is 56 bit. I wonder if
> > > > > Jared's code should change the
> > length(key_string)
> > > > check to 7 bytes, instead of
> > > > > 56. By reading (not actually running) the
> > example
> > > > in the manual (for your
> > > > > convenience,
> > > > >
> > > >
> > >
> >
> http://dan.emsphone.com/oracle/server.816/a76936/dbms_ob3.htm#6618),
> > > > I think
> > > > > the line in the example code "key_string
> > > > VARCHAR2(8) := 'scottsco';" should be
> > > > > "key_string VARCHAR2(8) := 'scottsc';".
> > Otherwise,
> > > > what's the difference
> > > > > between this and the line
> > "wrong_key_string..."?
> > > > >
> > > > > VITTAL, the difference between input_string
> > and
> > > > key_string is, the input string
> > > > > is the string you want to encrypt, e.g.
> > employees'
> > > > passwords; the key_string is
> > > > > an encryption key you as a developer use in
> > the
> > > > application applied to all data
> > > > > (when your PL/SQL code is called).
> > > > >
> > > > > To use this package in your case, (1) if the
Received on Tue Jun 27 2000 - 13:44:18 CDT
