ENCRYPT v12
The ENCRYPT
function or procedure uses a user-specified algorithm, key, and optional initialization vector to encrypt RAW
, BLOB
or CLOB
data. The signature of the ENCRYPT
function is:
The signature of the ENCRYPT
procedure is:
or
When invoked as a procedure, ENCRYPT
returns BLOB
or CLOB
data to a user-specified BLOB
.
Parameters
dst
dst
specifies the name of a BLOB
to which the output of the ENCRYPT
procedure will be written. The ENCRYPT
procedure will overwrite any existing data currently in dst
.
src
src
specifies the source data that will be encrypted. If you are invoking ENCRYPT
as a function, specify RAW
data; if invoking ENCRYPT
as a procedure, specify BLOB
or CLOB
data.
typ
typ
specifies the block cipher type that will be used by ENCRYPT
, and any modifiers. Advanced Server supports the block cipher algorithms, modifiers and cipher suites listed below:
Block Cipher Algorithms | |
---|---|
ENCRYPT_DES | CONSTANT INTEGER := 1; |
ENCRYPT_3DES | CONSTANT INTEGER := 3; |
ENCRYPT_AES | CONSTANT INTEGER := 4; |
ENCRYPT_AES128 | CONSTANT INTEGER := 6; |
Block Cipher Modifiers | |
CHAIN_CBC | CONSTANT INTEGER := 256; |
CHAIN_ECB | CONSTANT INTEGER := 768; |
Block Cipher Padding Modifiers | |
PAD_PKCS5 | CONSTANT INTEGER := 4096; |
PAD_NONE | CONSTANT INTEGER := 8192; |
Block Cipher Suites | |
DES_CBC_PKCS5 | CONSTANT INTEGER := ENCRYPT_DES + CHAIN_CBC + PAD_PKCS5; |
DES3_CBC_PKCS5 | CONSTANT INTEGER := ENCRYPT_3DES + CHAIN_CBC + PAD_PKCS5; |
AES_CBC_PKCS5 | CONSTANT INTEGER := ENCRYPT_AES + CHAIN_CBC + PAD_PKCS5; |
key
key
specifies the encryption key.
iv
iv
(optional) specifies an initialization vector. By default, iv
is NULL
.
Examples
The following example uses the DBMS_CRYPTO.DES_CBC_PKCS5
Block Cipher Suite (a pre-defined set of algorithms and modifiers) to encrypt a value retrieved from the passwords
table:
ENCRYPT
uses a key value of my secret key
and an initialization vector of my initialization vector
when encrypting the password
; specify the same key and initialization vector when decrypting the password
.