Oracle DBMS_TDE_TOOLKIT_FFI
Version 21c

General Information
Library Note Morgan's Library Page Header
ACE Director Alum Daniel Morgan, founder of Morgan's Library, is scheduling complimentary technical Workshops on Database Security for the first 30 Oracle Database customers located anywhere in North America, EMEA, LATAM, or APAC that send an email to asra_us@oracle.com. Request a Workshop for your organization today.
Purpose Utilities supporting Transparent Data Encryption and DataPump
AUTHID DEFINER
Dependencies
DBMS_TDE_TOOLKIT TDE_LIBRARY  
Documented No
First Available Not known
Security Model Owned by SYS with no privileges granted
Source {ORACLE_HOME}/rdbms/admin/prvtdtde.plb
Subprograms
DATAPUMP_DECRYPT DATAPUMP_ENCRYPT
 
DATAPUMP_DECRYPT
Decrypts strings for DataPump dbms_tde_toolkit.datapump_encrypt(
instring  IN  RAW,
outstring OUT RAW,
keyid     IN  RAW);
-- the use of StrPt1 to 3 is for webpage formatting only. The string used for testing is the one generated by the encrypt procedure below

DECLARE
 StrPt1  VARCHAR2(40) := '851714F5659E6983D619C768CC5F47CC818351EC';
 StrPt2  VARCHAR2(40) := '9F4809184EE13C2E9ECB490881D454B336E194A0';
 StrPt3  VARCHAR2(40) := 'AB47D616703F598F885AC1575437EF326A3';
 TestStr VARCHAR2(128) := StrPt1 || StrPt2 || StrPt3;
 TestVal RAW(128) := utl_raw.cast_to_raw(TestStr);
 RetKey  RAW(128) := utl_raw.cast_to_raw('abcdefgh');
 RetStr  RAW(2000);
BEGIN
  dbms_tde_toolkit_ffi.datapump_encrypt(TestVal, RetStr, RetKey);
  dbms_output.put_line(RetStr);
END;
/
 
DATAPUMP_ENCRYPT
Encrypts strings for DataPump dbms_tde_toolkit.datapump_decrypt(
instring  IN  RAW,
outstring OUT RAW,
keyid     OUT RAW);
conn / as sysdba

set serveroutput on

DECLARE
 l_credit_card_no VARCHAR2(19) := '1612-1791-1809-2605';
 l_ccn_raw RAW(128) := utl_raw.cast_to_raw(l_credit_card_no);
 RetKey    RAW(128);
 RetStr    RAW(128);
BEGIN
  dbms_tde_toolkit_ffi.datapump_encrypt(l_ccn_raw, RetStr, RetKey);
  dbms_output.put_line(RetStr);
  dbms_output.put_line(RetKey);
END;
/
-- the following exception is generated if a wallet does not exist or is not open
DECLARE
*
ERROR at line 1:
ORA-28365: wallet is not open
ORA-06512: at "SYS.DBMS_TDE_TOOLKIT_FFI", line 5
ORA-06512: at line 7

-- for instructions on creating a wallet follow the link at page bottom
ALTER SYSTEM SET ENCRYPTION WALLET OPEN IDENTIFIED BY "N0way!";

DECLARE
 l_credit_card_no VARCHAR2(19) := '1612-1791-1809-2605';
 l_ccn_raw RAW(128) := utl_raw.cast_to_raw(l_credit_card_no);
 RetKey    RAW(128);
 RetStr    RAW(128);
BEGIN
  dbms_tde_toolkit_ffi.datapump_encrypt(l_ccn_raw, RetStr, RetKey);
  dbms_output.put_line(RetStr);
  dbms_output.put_line(RetKey);
END;
/

Related Topics
Built-in Functions
Built-in Packages
Database Security
DBMS_CRYPTO
DBMS_TDE_TOOLKIT
Packages
Transparent Data Encryption
Wallet
What's New In 21c
What's New In 23c

Morgan's Library Page Footer
This site is maintained by Dan Morgan. Last Updated: This site is protected by copyright and trademark laws under U.S. and International law. © 1998-2023 Daniel A. Morgan All Rights Reserved
  DBSecWorx