Oracle DBMS_MACSEC_FUNCTION
Version 21c

General Information
Library Note Morgan's Library Page Header
ACE Director Alum Daniel Morgan, founder of Morgan's Library, is scheduling complimentary technical Workshops on Database Security for the first 30 Oracle Database customers located anywhere in North America, EMEA, LATAM, or APAC that send an email to asra_us@oracle.com. Request a Workshop for your organization today.
Purpose Contains functions that retrieve factor identities. After Oracle Database Vault installation, the install process locks the DVF account to enhance security.

When creating a new factor, Database Vault creates a new retrieval function for the factor owned by the DVF schema.
AUTHID DEFINER
Dependencies
DBMS_ASSERT DBMS_UTILITY  
Documented Yes
First Available Not Known
Security Model Owned by DVF with EXECUTE granted to DVSYS
Source {ORACLE_HOME}/rdbms/admin/dvmacfunc.plb
Subprograms
CREATE_FACTOR_FUNCTION DROP_FACTOR_FUNCTION TO_ORACLE_IDENTIFIER
 
CREATE_FACTOR_FUNCTION
Create retrieval function dbms_macsec_function.create_factor_function(p_factor IN VARCHAR2);
SQL> exec dvf.dbms_macsec_function.create_factor_function('ZZYZX');

PL/SQL procedure successfully completed.
The demo, at right, is from $ORACLE_HOME/rdbms/admin/catmact.sql reformatted for readability since no one has taught developers at Oracle how to format their code. dbms_macsec_function.create_factor_function(p_factor IN VARCHAR2);
BEGIN
  FOR c99 IN (SELECT id# , name, get_expr FROM dvsys.factor$) LOOP
    l_exp := c99.get_expr;
    l_name := c99.name;

    BEGIN
      -- if invalid factor name, then no need to create the factor function
      IF (LENGTH(l_name) > 126) THEN
        dvsys.dbms_macutl.raise_error(47951,'factor_name');
      END IF;

      sys.dbms_utility.canonicalize(
        sys.dbms_assert.simple_sql_name(
          dvsys.dbms_macutl.to_oracle_identifier(l_name)), l_canon_name, 126);
      IF (LENGTH(l_canon_name) > 126) THEN
        dvsys.dbms_macutl.raise_error(47951, 'factor_name');
      END IF;

      dvf.dbms_macsec_function.create_factor_function(l_name);
    EXCEPTION
      WHEN OTHERS THEN
        sys.dbms_output.put_line('sddvffnc: factor='||l_name||',error='||sqlerrm);
    END;
  END LOOP;
END;
/
 
DROP_FACTOR_FUNCTION
Drop a retrieval function.

The demo, at right, is from $ORACLE_HOME/rdbms/admin/dve12.sql		 dbms_macsec_function.drop_factor_function(p_factor IN VARCHAR2);
execute dvf.dbms_macsec_function.drop_factor_function('DV$_Module');
execute dvf.dbms_macsec_function.drop_factor_function('DV$_Client_Identifier');
execute dvf.dbms_macsec_function.drop_factor_function('DV$_Dblink_Info');
 
TO_ORACLE_IDENTIFIER
Converts the input string into a valid Oracle object name

Note in the demo, at right, a space in the string is converted to an underscore		 dbms_macsec_function.to_oracle_identifier(str IN VARCHAR2)
RETURN VARCHAR2;
SELECT dvf.dbms_macsec_function.to_oracle_identifier('ZZ ZZ')
FROM dual;

DVF.DBMS_MACSEC_FUNCTION.TO_ORACLE_IDENTIFIER('ZZZZ')
-----------------------------------------------------
ZZ_ZZ

Related Topics
Built-in Functions
Built-in Packages
CONFIGURE_DV_INTERNAL
DBMS_MACAUD
DBMS_MACOLS_SESSION
DBMS_MACOUT
DBMS_MACSEC
DBMS_MACSEC_ROLES
DBMS_MACSEC_RULES
EVENT
OLS_ENFORCEMENT
OLS$DATAPUMP
What's New In 21c
What's New In 23c

Morgan's Library Page Footer
This site is maintained by Dan Morgan. Last Updated: This site is protected by copyright and trademark laws under U.S. and International law. © 1998-2023 Daniel A. Morgan All Rights Reserved
  DBSecWorx