加密一个PL/SQL单元就是隐藏PL/SQL代码的过程。可以使用oracle提供的wrap工具和DBMS_DDL进行加密。wrap工具在命令行运行来处理一
下面不才根据Oracle官方文档讲解一下如何加密PL/SQL代码,希望大家共同学习:
主要内容包含以下三块:
一、什么叫加密(二进制文件的混淆技术混淆 Obfuscation)?
加密一个PL/SQL单元就是隐藏PL/SQL代码的过程。可以使用oracle提供的wrap工具和DBMS_DDL进行加密。
wrap工具在命令行运行来处理一个输入的SQL 文件,例如SQL*PLUS的安装脚本。DBMS_DDL子程序加密单个动态生成的PL/SQL 单元,例如一个‘CREATE PROCEDURE’声明。
加密的优点:
1. 防止其他开发人员滥用你的应用或者商业竞争者偷看你的逻辑。
2. 加密后即使通过USER_SOURCE、ALL_SOURCE或者DBA_SOURCE数据字典看不见源代码 。
3. SQL*PLUS可以处理加密后的程序。
4. 导入导出工具也支持加密代码,你可以备份或者移动已经加密的存储过程。
对加密的一些提示:
1. 当加密一个包或者对象类型,只加密包体不加密声明。这就允许开发人员看见将要使用的包或类型的声明,但是看不到实现。
2. 加密后的源码不可以编辑,如果要修改可以编辑源代码,然后再加密。你也可以推迟加密操作到源代码最终被应用。
3. 为了确保所有重要的源代码都被加密,最好加密后在编辑器中查看确认。
加密方法的局限性:
1. 虽然加密帮助隐藏源程序的逻辑并且使解密变的异常困难,Oracle并不推荐使用该方法加密用户密码和表名。
加密PL/SQL代码不能绝对阻止一切试图查看源代码的操作。
2. 加密不支持触发器,为了隐藏一个触发器的工作,我们可以写一个one-line触发器来调用已经加密的存储过程。
3. 加密的过程并不会去检查PL/SQL代码中的语法或者语义上的错误,例如表或视图不存在。这些错误只有在编译或执行的时候才会检查被发现。
4. 被加密的PL/SQL程序不能导入到低版本的数据库中,Oracle支持是向上兼容,不支持向下兼容。例如,你能装载在V8.15上加密过的文件到
V8.16,但是反过来就不行!
5. 由于源代码是PL/SQL编译器解析,而不是SQL*PLUS,,所以要使用wrap工具加密的PL/SQL代码中不能使用SQL*PLUS符号声明的替代变量。
6. 绝大多数的注释将在加密的文件中去处。See .
7.如果调用DBMS_SQL.PARSE方法解析已通过DBMS_DDL.WRAP加密的PL/SQL单元时遇到语句使用了超过32767的VARCHAR2文本类型 ,需要设置LFFLG参数为
FALSE。否则DBMS_SQL.PARSE往加密的单元中新增行将会破坏程序单元!
二、使用WRAP工具加密PL/SQL代码:
wrap工具介绍:
1.warp只处理PL/SQL块,不会处理匿名块或者触发器或者非PL/SQL块。
2. 语法如下:
wrap iname=input_file [oname=output_file] 注:等号左右不能有空格
input_file 是包含SQL语句的文件名,扩展名不写默认为.sql,也可以使用其他扩展格式:
例如:
wrap iname=/mydir/myfile
wrap iname=/mydir/myfile.sql
wrap iname=/mydir/myfile.src
output_file 是加密后生成的文件名,扩展名为.pld。也可以使用其他扩展格式:
例如:
wrap iname=/mydir/myfile.sql oname=/mydir/myfile.plb
wrap iname=/mydir/myfile oname=/yourdir/yourfile.out
wrap使用案例:
For example, assume that the wrap_test.sql file contains the following:
加密过程如下:
1. 保存wraptest.sql文件到d盘根目录:
2.命令行中输入以下语句:
三、使用DBMS_DDL子程序加密PL/SQL代码:
DBMS_DDL子程序介绍:
dbms_dll包含WRAP函数和CREATE_WRAPPED存储过程来加密单独的PL/SQL块,如包声明,包体,函数,存储过程,类型声明或者类型体。这些重载的子程序提供加密动态生成的PL/SQL块的机制。
DBMS_DDL子程序使用案例:
声明以下语句,并调用DBMS_DDL进行加密:
查看USER_SOURCE中 emp_actions包的源代码是否加密:
...............
---------------------------------------------------
made by dylan.
What Are the Limitations of Using Views in MySQL?May 14, 2025 am 12:10 AMMySQLviewshavelimitations:1)Theydon'tsupportallSQLoperations,restrictingdatamanipulationthroughviewswithjoinsorsubqueries.2)Theycanimpactperformance,especiallywithcomplexqueriesorlargedatasets.3)Viewsdon'tstoredata,potentiallyleadingtooutdatedinforma
Securing Your MySQL Database: Adding Users and Granting PrivilegesMay 14, 2025 am 12:09 AMProperusermanagementinMySQLiscrucialforenhancingsecurityandensuringefficientdatabaseoperation.1)UseCREATEUSERtoaddusers,specifyingconnectionsourcewith@'localhost'or@'%'.2)GrantspecificprivilegeswithGRANT,usingleastprivilegeprincipletominimizerisks.3)
What Factors Influence the Number of Triggers I Can Use in MySQL?May 14, 2025 am 12:08 AMMySQLdoesn'timposeahardlimitontriggers,butpracticalfactorsdeterminetheireffectiveuse:1)Serverconfigurationimpactstriggermanagement;2)Complextriggersincreasesystemload;3)Largertablesslowtriggerperformance;4)Highconcurrencycancausetriggercontention;5)M
MySQL: Is it safe to store BLOB?May 14, 2025 am 12:07 AMYes,it'ssafetostoreBLOBdatainMySQL,butconsiderthesefactors:1)StorageSpace:BLOBscanconsumesignificantspace,potentiallyincreasingcostsandslowingperformance.2)Performance:LargerrowsizesduetoBLOBsmayslowdownqueries.3)BackupandRecovery:Theseprocessescanbe
MySQL: Adding a user through a PHP web interfaceMay 14, 2025 am 12:04 AMAdding MySQL users through the PHP web interface can use MySQLi extensions. The steps are as follows: 1. Connect to the MySQL database and use the MySQLi extension. 2. Create a user, use the CREATEUSER statement, and use the PASSWORD() function to encrypt the password. 3. Prevent SQL injection and use the mysqli_real_escape_string() function to process user input. 4. Assign permissions to new users and use the GRANT statement.
MySQL: BLOB and other no-sql storage, what are the differences?May 13, 2025 am 12:14 AMMySQL'sBLOBissuitableforstoringbinarydatawithinarelationaldatabase,whileNoSQLoptionslikeMongoDB,Redis,andCassandraofferflexible,scalablesolutionsforunstructureddata.BLOBissimplerbutcanslowdownperformancewithlargedata;NoSQLprovidesbetterscalabilityand
MySQL Add User: Syntax, Options, and Security Best PracticesMay 13, 2025 am 12:12 AMToaddauserinMySQL,use:CREATEUSER'username'@'host'IDENTIFIEDBY'password';Here'showtodoitsecurely:1)Choosethehostcarefullytocontrolaccess.2)SetresourcelimitswithoptionslikeMAX_QUERIES_PER_HOUR.3)Usestrong,uniquepasswords.4)EnforceSSL/TLSconnectionswith
MySQL: How to avoid String Data Types common mistakes?May 13, 2025 am 12:09 AMToavoidcommonmistakeswithstringdatatypesinMySQL,understandstringtypenuances,choosetherighttype,andmanageencodingandcollationsettingseffectively.1)UseCHARforfixed-lengthstrings,VARCHARforvariable-length,andTEXT/BLOBforlargerdata.2)Setcorrectcharacters
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
SublimeText3 Chinese version
Chinese version, very easy to use
VSCode Windows 64-bit Download
A free and powerful IDE editor launched by Microsoft
SecLists
SecLists is the ultimate security tester's companion. It is a collection of various types of lists that are frequently used during security assessments, all in one place. SecLists helps make security testing more efficient and productive by conveniently providing all the lists a security tester might need. List types include usernames, passwords, URLs, fuzzing payloads, sensitive data patterns, web shells, and more. The tester can simply pull this repository onto a new test machine and he will have access to every type of list he needs.
Notepad++7.3.1
Easy-to-use and free code editor
SAP NetWeaver Server Adapter for Eclipse
Integrate Eclipse with SAP NetWeaver application server.
