Oracle DBMS_GSM

Oracle DBMS_GSM_SEC Version 21c

General Information

Library Note

Morgan's Library Page Header

Which has the higher priority in your organization: Deploying a new database or securing the ones you already have? Looking for a website, and resources, dedicated solely to securing Oracle databases? Check out DBSecWorx.

Purpose Undocumented Global Service Manager Administration Utilities.

The installation file contains the following note: "since changes to gsmadmin_internal tables aren't propagated to logical standbys, mark all gsm packages as unsupported"

AUTHID DEFINER

Dependencies

DBMS_GSM_COMMON	DBMS_GSM_UTILITY	EXECASUSERID
DBMS_GSM_SEC_LIB	DBMS_SYS_ERROR	SHARD_KEYS

Documented No

First Available 20c

Pragma PRAGMA SUPPLEMENTAL_LOG_DATA(default, UNSUPPORTED);

Security Model Owned by SYS with EXECUTE granted to the GSMADMIN_ROLE, GSMCATUSER and SYSDG roles.

Source {ORACLE_HOME}/rdbms/admin/dbmsgwmfix.sql

Subprograms

DECLOBSTRING	PUTCATUSER	PUTMKEY
DELTMPKEY	PUTKEY	PUTTMPKEY

DECLOBSTRING (new 20c)

Descrypts a BLOB and returns it as CLOB dbms_gsm_sec.decLobString( enc_key IN RAW, enc_string IN BLOB, string IN OUT CLOB, out_len OUT BINARY_INTEGER);

TBD

DELTMPKEY (new 20c)

Deletes the temporary key from the SGA

The demo at right is from a 21c database without sharding dbms_gsm_sec.delTmpKey(dbname IN VARCHAR2);

exec dbms_gsm_sec.delTmpKey('DCC2ABB2B90B88666D77B929A0A8C1570725F2F7');

      BEGIN dbms_gsm_sec.delTmpKey('DCC2ABB2B90B88666D77B929A0A8C1570725F2F7'); END;

      *

      ERROR at line 1:

      ORA-00600: internal error code, arguments: [gwsec_create_wallet.identifier], [53], [], [], [], [], [], [], [], [], [], []

      ORA-06512: at "SYS.DBMS_GSM_SEC", line 66

      ORA-06512: at line 1

PUTCATUSER (new 21c)

Adds the GSM catalog user password to the wallet dbms_gsm_sec.putCatUser(enc_pwd IN RAW);

exec dbms_gsm_sec.putCatUSer('DCC2ABB2B90B88666D77B929A0A8C1570725F2F7');

      

      PL/SQL procedure successfully completed.

PUTKEY (new 20c)

Puts the provided encryption key in the shard_keys table

The demo at right is from a 21c database without sharding dbms_gsm_sec.putKey( key_id IN NUMBER, sec_key IN RAW);

exec dbms_gsm_sec.putKey(3, 'DCC2ABB2B90B88666D77B929A0A8C1570725F2F7');

      BEGIN dbms_gsm_sec.putKey(3, 'DCC2ABB2B90B88666D77B929A0A8C1570725F2F7'); END;

      *

      ERROR at line 1:

      ORA-03876: error -5 when attempting to generate a temporary key to add new shards

      ORA-06512: at "SYS.DBMS_SYS_ERROR", line 86

      ORA-06512: at "SYS.DBMS_GSM_SEC", line 168

      ORA-06512: at line 1

PUTMKEY (new 20c)

Instructs a Primary Database to send its master key to its Standby Databases dbms_gsm_sec.putMkey;

exec dbms_gsm_sec.putMkey;

      

      PL/SQL procedure successfully completed.

PUTTMPKEY (new 20c)

Stores a temporary encryption key

The demo at right is from a 21c database without sharding dbms_gsm_sec.putTmpKey( dbname IN VARCHAR2, tmp_key IN RAW);

exec dbms_gsm_sec.putTmpKey('TEST21DB', 'DCC2ABB2B90B88666D77B929A0A8C1570725F2F7');

      BEGIN dbms_gsm_sec.putTmpKey('TEST21DB', 'DCC2ABB2B90B88666D77B929A0A8C1570725F2F7'); END;

      *

      ERROR at line 1:

      ORA-03876: error 46693 when attempting to generate a temporary key to add new shards

      ORA-06512: at "SYS.DBMS_SYS_ERROR", line 86

      ORA-06512: at "SYS.DBMS_GSM_SEC", line 50

      ORA-06512: at line 1