October 2005
Intermediate to advanced
454 pages
14h 44m
English
Content preview from Oracle PL/SQL for DBAs
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
SHA-1 Hashing in Oracle Database 10g
As mentioned earlier, the MD5 protocol is not considered sufficiently secure for modern data protection, and SHA-1 is often used instead. SHA-1 is not available in the DBMS_OBFUSCATION_TOOLKIT, but in Oracle Database 10g, you can use the HASH function available in the DBMS_CRYPTO package to perform SHA-1 hashing . Here is the declaration of the function:
DBMS_CRYPTO.hash (
src in raw,
typ in pls_integer)
return raw;Because HASH accepts only the RAW datatype as input, I have to convert the input character string to RAW using the technique described earlier for encryption.
l_in := utl_i18n.string_to_raw (p_in_val, 'AL32UTF8');
This converted string can now be passed to the hash function.
In the second parameter typ (which must be declared in the PLS_INTEGER datatype ) you specify the algorithm to use for hashing. You can select any of the algorithms in Table 4-7.
Table 4-7. Hashing algorithms in DBMS_CRYPTO
|
Constant |
Description |
|
DBMS_CRYPTO.HASH_MD5 |
Message Digest 5 |
|
DBMS_CRYPTO.HASH_MD4 |
Message Digest 4 |
|
DBMS_CRYPTO.HASH_SH1 |
Secure Hashing Algorithm 1 |
For example, to get the hash value for a RAW datatype variable, you might write a function as follows:
/* File on web: get_sha1_hash_val.sql */
CREATE OR REPLACE FUNCTION get_sha1_hash_val (p_in RAW)
RETURN RAW
IS
l_hash RAW (4000);
BEGIN
l_hash := DBMS_CRYPTO.HASH (src => p_in, typ => DBMS_CRYPTO.hash_sh1);
RETURN l_hash;
END;
/For MD5 hashing, you would change the value of the parameter typ ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.