Oracle DBMS_GSM_SEC
Version 23c

General Information
Library Note Morgan's Library Page Header
ACE Director Alum Daniel Morgan, founder of Morgan's Library, is scheduling complimentary technical Workshops on Database Security for the first 30 Oracle Database customers located anywhere in North America, EMEA, LATAM, or APAC that send an email to asra_us@oracle.com. Request a Workshop for your organization today.
Purpose Undocumented Global Service Manager Administration Utilities.

The installation file contains the following note: "since changes to gsmadmin_internal tables aren't propagated to logical standbys, mark all gsm packages as unsupported"
AUTHID DEFINER
Dependencies
CLEANUP_DDL DBMS_GSM_FIXED DBMS_GSM_UTILITY
DBMS_GSM_CURUSER DBMS_GSM_GSMUSER DBMS_SYS_ERROR
DBMS_GSM_DDL DBMS_GSM_SEC_LIB SHARD_KEYS
Documented No
First Available 20c
Pragma PRAGMA SUPPLEMENTAL_LOG_DATA(default, UNSUPPORTED);
Security Model Owned by SYS with EXECUTE granted to the GSMADMIN_ROLE, GSMCATUSER and SYSDG roles.
Source {ORACLE_HOME}/rdbms/admin/dbmsgwmfix.sql
{ORACLE_HOME}/rdbms/admin/prvtgwmfix.plb
Subprograms
CATSUPENC ENCRYPTLOBSTRING PUTKEY
CONTROLCHUNK GETDBPARAMETERNUM PUTMKEY
DECLOBSTRING GWM_TRACE_OUTPUT PUTTMPKEY
DECWITHKEYID PKEDEC SHARDSUPPENC
DELTMPKEY PUTCATUSER  
 
CATSUPENC (new 23c)
Undocumented dbms_gsm_sec.catSupEnc RETURN BOOLEAN;
BEGIN
  IF dbms_gsm_sec.catSupEnc THEN
    dbms_output.put_line('T');
  ELSE
    dbms_output.put_line('F');
  END IF;
END;
/
F
 
CONTROLCHUNK (new 23c)
Undocumented dbms_gsm_sec.controlChunk(
chunkid IN BINARY_INTEGER,
op      IN BINARY_INTEGER,
p1      IN BINARY_INTEGER);
TBD
 
DECLOBSTRING
Descrypts a BLOB and returns it as CLOB dbms_gsm_sec.decLobString(
enc_key    IN     RAW,
enc_string IN     BLOB,
string     IN OUT CLOB,
out_len       OUT BINARY_INTEGER);
TBD
 
DECWITHKEYID (new 23c)
Decrypt using shard key ID dbms_gsm_sec.decWithKeyID(
enc_string IN  RAW,
dec_string OUT VARCHAR2,
key_id     IN  BINARY_INTEGER)
RETURN BINARY_INTEGER;
PRAGMA SUPPLEMENTAL_LOG_DATA(decWithKeyID, READ_ONLY);
TBD
 
DELTMPKEY
Deletes the temporary key from the SGA

The demo at right is from a 23c database without sharding		 dbms_gsm_sec.delTmpKey(dbname IN VARCHAR2);
exec dbms_gsm_sec.delTmpKey('ORABASE23');

PL/SQL procedure successfully completed.
 
ENCRYPTLOBSTRING (new 23c)
Encrypts a CLOB string based on the provided encryption key

The demo at right is from a 23.2 database without sharding		 dbms_gsm_sec.encryptLOBString(
enc_key    IN     RAW,
in_string  IN     CLOB,
enc_string IN OUT BLOB)
RETURN BINARY_INTEGER;
PRAGMA SUPPLEMENTAL_LOG_DATA(encryptLobString, READ_ONLY);
DECLARE
 ec     RAW(128) := utl_raw.cast_to_raw('MORGAN');
 outVal BLOB;
 retVal BINARY_INTEGER;
BEGIN
  retVal := dbms_gsm_sec.encryptLOBString(ec, 'LIBRARY', outVal);
  dbms_output.put_line(retVal);
END;
/
ERROR at line 1:
ORA-01405: The fetched column returned a NULL value.
 
GETDBPARAMETERNUM (new 23c)
Return parameter number dbms_gsm_sec.getDBParameterNum(
pname  IN VARCHAR2,
pno    IN BINARY_INTEGER,
pdb_id IN BINARY_INTEGER)
RETURN BINARY_INTEGER;
PRAGMA SUPPLEMENTAL_LOG_DATA(getDBParameterNum, READ_ONLY);
TBD
 
GWM_TRACE_OUTPUT (new 23c)
Undocumented dbms_gsm_sec.gwm_trace_output(phrase IN VARCHAR2);
PRAGMA SUPPLEMENTAL_LOG_DATA(gwm_trace_output, READ_ONLY);
TBD
 
PKEDEC (new 23c)
Undocumented dbms_gsm_sec.pkeDec(
enc_string IN  RAW,
dec_string OUT VARCHAR2)
RETURN BINARY_INTEGER;
PRAGMA SUPPLEMENTAL_LOG_DATA(pkeDec, READ_ONLY);
TBD
 
PUTCATUSER
Adds the GSM catalog user password to the wallet dbms_gsm_sec.putCatUser(enc_pwd IN RAW);
exec dbms_gsm_sec.putCatUSer('DCC2ABB2B90B88666D77B929A0A8C1570725F2F7');

PL/SQL procedure successfully completed.
 
PUTKEY
Puts the provided encryption key in the shard_keys table

The demo at right is from a 21c database without sharding		 dbms_gsm_sec.putKey(
key_id  IN NUMBER,
sec_key IN RAW);
exec dbms_gsm_sec.putKey(3, 'DCC2ABB2B90B88666D77B929A0A8C1570725F2F7');
BEGIN dbms_gsm_sec.putKey(3, 'DCC2ABB2B90B88666D77B929A0A8C1570725F2F7'); END;
*
ERROR at line 1:
ORA-03876: error -5 when attempting to generate a temporary key to add new shards
ORA-06512: at "SYS.DBMS_SYS_ERROR", line 86
ORA-06512: at "SYS.DBMS_GSM_SEC", line 168
ORA-06512: at line 1
 
PUTMKEY (new 23c parameters)
Instructs a Primary Database to send its master key to its Standby Databases dbms_gsm_sec.putMkey(
dbname  IN VARCHAR2 DEFAULT NULL,
connstr IN VARCHAR2 DEFAULT NULL);
exec dbms_gsm_sec.putMkey;

PL/SQL procedure successfully completed.
 
PUTTMPKEY
Stores a temporary encryption key

The demo at right is from a 21c database without sharding		 dbms_gsm_sec.putTmpKey(
dbname  IN VARCHAR2,
tmp_key IN RAW);
exec dbms_gsm_sec.putTmpKey('TEST21DB', 'DCC2ABB2B90B88666D77B929A0A8C1570725F2F7');
BEGIN dbms_gsm_sec.putTmpKey('TEST21DB', 'DCC2ABB2B90B88666D77B929A0A8C1570725F2F7'); END;
*
ERROR at line 1:
ORA-03876: error 46693 when attempting to generate a temporary key to add new shards
ORA-06512: at "SYS.DBMS_SYS_ERROR", line 86
ORA-06512: at "SYS.DBMS_GSM_SEC", line 50
ORA-06512: at line 1
 
SHARDSUPPENC (new 23c)
Undocumented dbms_gsm_sec.shardSuppEnc(
dbname         IN VARCHAR2,
connect_string IN VARCHAR2,
enc_pwd        IN RAW)
RETURN BOOLEAN;
TBD

Related Topics
Built-in Functions
Built-in Packages
Database Security
DBMS_GSM_ALERTS
DBMS_GSM_CLOUDADMIN
DBMS_GSM_COMMON
DBMS_GSM_DBADMIN
DBMS_GSM_DDL
DBMS_GSM_FIX
DBMS_GSM_FIXED
DBMS_GSM_NOPRIV
DBMS_GSM_POOLADMIN
DBMS_GSM_UTILITY
DBMS_GSM_XDB
What's New In 21c
What's New In 23c

Morgan's Library Page Footer
This site is maintained by Dan Morgan. Last Updated: This site is protected by copyright and trademark laws under U.S. and International law. © 1998-2023 Daniel A. Morgan All Rights Reserved
  DBSecWorx