Oracle DBMS_CRYPTO_TOOLKIT
Version 12.2.0.1

General Information
Library Note Morgan's Library Page Header
"I spent my entire adult life looking out for the well-being, the training, the equipping of the troops for whom I was responsible. I will not be lectured about what our military needs by a five-deferment draft dodger,"
~ Sen. Tammy Duckworth
Purpose Types and subroutines supporting the DBMS_CRYPTO built in encryption package and Wallets and Transparent Data Encryption.

According to the source file header:
--- Old dbms_crypto_TOOLKIT code.
--- The code below was desupported and should not be documented.
--- Final disposition on the removal of this package is pending.
--- December 12, 2002

Apparently someone forgot about this sometime during the previous decade.
AUTHID DEFINER
Constants
Name Data Type Value
DETACHEDSIGNATURE Crypto_Engine_Function 1
SIGNATURE Crypto_Engine_Function 2
ENVELOPING Crypto_Engine_Function 3
PKENCRYPTION Crypto_Engine_Function 4
ENCRYPTION Crypto_Engine_Function 5
KEYEDHASH_CHECKSUM Crypto_Engine_Function 6
HASH_CHECKSUM Crypto_Engine_Function 7
RANDOM Crypto_Engine_Function 8
 
CONTINUE_PROCESSING Crypto_Engine_State 1
END_PROCESSING Crypto_Engine_State 2
RESET_PROCESSING Crypto_Engine_State 3
 
X509V1 Identity_Type 1
SYMMETRIC Identity_Type 2
 
RSA Cipher 1
DES Cipher 2
RC4 Cipher 3
MD5DES Cipher 4
MD5RC2 Cipher 5
MD5 Cipher 6
SHA Cipher 7
 
PKCS7 Data_Unit_Format 1
RSAPAD Data_Unit_Format 2
ORACLEv1 Data_Unit_Format 3
Data Types SUBTYPE Crypto_Engine_Function IS dbms_crypto_toolkit_types.Crypto_Engine_Function;
SUBTYPE Crypto_Engine_State IS dbms_crypto_toolkit_types.Crypto_Engine_State;
SUBTYPE Identity_Type IS dbms_crypto_toolkit_types.Identity_Type;
SUBTYPE Cipher IS dbms_crypto_toolkit_types.Cipher;
SUBTYPE Data_Unit_Format IS dbms_crypto_toolkit_types.Data_Unit_Format;

-- Aliases to reduce typing.
SUBTYPE Wallet IS dbms_crypto_toolkit_types.Wallet;
SUBTYPE Persona IS dbms_crypto_toolkit_types.Persona;
SUBTYPE Identity IS dbms_crypto_toolkit_types.Identity;
SUBTYPE Identity_Array IS dbms_crypto_toolkit_types.Identity_Array;
SUBTYPE Alias_String IS dbms_crypto_toolkit_types.Alias_String;
SUBTYPE Comment_String IS dbms_crypto_toolkit_types.Comment_String;
SUBTYPE Identity_Description IS dbms_crypto_toolkit_types.Identity_Description;
SUBTYPE Identity_Description_List IS dbms_crypto_toolkit_types.Identity_Description_List;
SUBTYPE Persona_Description IS dbms_crypto_toolkit_types.Persona_Description;
SUBTYPE Persona_List IS dbms_crypto_toolkit_types.Persona_List;
SUBTYPE Private_Persona_Information IS dbms_crypto_toolkit_types.Private_Persona_Information;
Dependencies
DBMS_CRYPTO_TOOLKIT_FFI DBMS_CRYPTO_TOOLKIT_TYPES UTL_RAW
Documented No
Exceptions
Error Code Reason
ORA-28836 package_wallet_is_not_open
ORA-28840 package_wallet_is_open
First Available 10.1.0.3
Security Model Owned by SYS with EXECUTE granted to PUBLIC
Source {ORACLE_HOME}/rdbms/admin/dbmsoctk.sql
Subprograms
 
ABORTIDENTITY
Aborts an identity dbms_crypto_toolkit.abortIdentity(identity IN OUT Identity);
TBD
 
CLOSEPERSONA
Closes a persona within a wallet dbms_crypto_toolkit.closePersona(persona IN OUT Persona);
See Demo Below
 
CLOSEWALLET
Closes the identified wallet
Overload 1
dbms_crypto_toolkit.closeWallet(wallet IN OUT Wallet);
TBD
Closes the wallet kept by the package
Overload 2
dbms_crypto_toolkit.closeWallet;
exec dbms_crypto_toolkit.closeWallet;
 
CREATEIDENTITY
Creates an identity dbms_crypto_toolkit.createIdentity(
identitytype       IN  Identity_Type,
public_identity    IN  VARCHAR2,
alias              IN  VARCHAR2,
longer_description IN  VARCHAR2,
trust_qualifier    IN  VARCHAR2,
identity           OUT Identity);
TBD
 
CREATEPERSONA
Creates a persona dbms_crypto_toolkit.createPersona(
cipher_type         IN  Cipher,
private_information IN  Private_Persona_Information,
prl                 IN  VARCHAR2,
alias               IN  VARCHAR2,
longer_description  IN  VARCHAR2,
persona             OUT Persona);
TBD
 
CREATEWALLET
Creates the identified wallet

Overload 1
dbms_crypto_toolkit.createWallet(
password                IN     VARCHAR2,
wallet                  IN OUT Wallet,
wallet_resource_locator IN     VARCHAR2 DEFAULT NULL);
TBD
Used by applications which want to use the wallet kept by the package

Overload 2
dbms_crypto_toolkit.createWallet(
password                IN VARCHAR2,
wallet_resource_locator IN VARCHAR2 DEFAULT NULL);
SQL> BEGIN
  2    dbms_crypto_toolkit.createWallet('oracle1', wallet_resource_locator=>NULL);
  3  END;
  4  /
BEGIN
*
ERROR at line 1:
ORA-28817: PL/SQL function returned an error.
ORA-06512: at "SYS.DBMS_CRYPTO_TOOLKIT_FFI", line 74
ORA-06512: at "SYS.DBMS_CRYPTO_TOOLKIT", line 141
ORA-06512: at line 2
 
DECRYPT
Converts the contents of an encrypted message back into its original readable format

Overload 1
dbms_crypto_toolkit.decrypt(
persona          IN  Persona,
input            IN  RAW,
decrypted_data   OUT RAW,
decryption_state IN  Crypto_Engine_State DEFAULT END_PROCESSING);
TBD
Overload 2 dbms_crypto_toolkit.decrypt(
persona          IN Persona,
input            IN RAW,
decryption_state IN Crypto_Engine_State DEFAULT END_PROCESSING)
RETURN RAW;
TBD
Overload 3 dbms_crypto_toolkit.decrypt(
persona          IN  Persona,
input_string     IN  VARCHAR2,
decrypted_string OUT VARCHAR2,
decryption_state IN  Crypto_Engine_State DEFAULT END_PROCESSING);
TBD
Overload 4 dbms_crypto_toolkit.decrypt(
persona          IN Persona,
input_string     IN VARCHAR2,
decryption_state IN Crypto_Engine_State DEFAULT END_PROCESSING)
RETURN VARCHAR2;
TBD
 
DEENVELOPE
Remove a message from an envelope

Overload 1
dbms_crypto_toolkit.deEnvelope(
persona          IN  Persona,
enveloped_data   IN  RAW,
output_data      OUT RAW,
verified         OUT BOOLEAN,
validated        OUT BOOLEAN,
sender_identity  OUT Identity,
decryption_state IN  Crypto_Engine_State DEFAULT END_PROCESSING);
TBD
Overload 2 dbms_crypto_toolkit.deEnvelope(
persona          IN  Persona,
enveloped_data   IN  RAW,
verified         OUT BOOLEAN,
validated        OUT BOOLEAN,
sender_identity  OUT Identity,
decryption_state IN  Crypto_Engine_State DEFAULT END_PROCESSING)
RETURN RAW;
TBD
Overload 3 dbms_crypto_toolkit.deEnvelope(
persona          IN  Persona,
enveloped_string IN  VARCHAR2,
output_string    OUT VARCHAR2,
verified         OUT BOOLEAN,
validated        OUT BOOLEAN,
sender_identity  OUT Identity,
decryption_state IN  Crypto_Engine_State DEFAULT END_PROCESSING);
TBD
Overload 4 dbms_crypto_toolkit.deEnvelope(
persona          IN  Persona,
enveloped_string IN  VARCHAR2,
verified         OUT BOOLEAN,
validated        OUT BOOLEAN,
sender_identity  OUT Identity,
decryption_state IN  Crypto_Engine_State DEFAULT END_PROCESSING)
RETURN VARCHAR2;
TBD
 
DESTROYWALLET
Deletes a wallet bases on a given wallet resource locator dbms_crypto_toolkit.destroyWallet(
password                IN VARCHAR2,
wallet_resource_locator IN VARCHAR2 DEFAULT NULL);
TBD
 
ENCRYPT
Disguise the contents of a message and rendering it unreadable

Overload 1
dbms_crypto_toolkit.encrypt(
persona          IN  Persona,
input            IN  RAW,
encrypted_data   OUT RAW,
encryption_state IN  Crypto_Engine_State DEFAULT END_PROCESSING);
TBD
Overload 2 dbms_crypto_toolkit.encrypt(
persona          IN Persona,
input            IN RAW,
encryption_state IN Crypto_Engine_State DEFAULT END_PROCESSING)
RETURN RAW;
TBD
Overload 3 dbms_crypto_toolkit.encrypt(
persona          IN Persona,
input_string     IN VARCHAR2,
encryption_state IN Crypto_Engine_State DEFAULT END_PROCESSING)
RETURN VARCHAR2;
TBD
 
ENVELOPE
Digitally signs a message for authentication and encrypting the message with the recipient's public key

Overload 1
dbms_crypto_toolkit.envelope(
persona          IN  Persona,
recipient        IN  Identity,
input            IN  RAW,
enveloped_data   OUT RAW,
encryption_state IN  Crypto_Engine_State DEFAULT END_PROCESSING);
TBD
Overload 2 dbms_crypto_toolkit.envelope(
persona          IN Persona,
recipient        IN Identity,
input            IN RAW,
encryption_state IN Crypto_Engine_State DEFAULT END_PROCESSING)
RETURN RAW;
TBD
Overload 3 dbms_crypto_toolkit.envelope(
persona          IN  Persona,
recipient        IN  Identity,
input_string     IN  VARCHAR2,
enveloped_string OUT VARCHAR2,
encryption_state IN  Crypto_Engine_State DEFAULT END_PROCESSING);
TBD
Overload 4 dbms_crypto_toolkit.envelope(
persona          IN Persona,
recipient        IN Identity,
input_string     IN VARCHAR2,
encryption_state IN Crypto_Engine_State DEFAULT END_PROCESSING)
RETURN VARCHAR2;
TBD
Overload 5 dbms_crypto_toolkit.envelope(
persona              IN  Persona,
number_of_recipients IN  POSITIVE,
recipient_list       IN  Identity_Array,
input                IN  RAW,
enveloped_data       OUT RAW,
encryption_state     IN  Crypto_Engine_State DEFAULT END_PROCESSING);
TBD
Overload 6 dbms_crypto_toolkit.envelope(
persona              IN Persona,
number_of_recipients IN POSITIVE,
recipient_list       IN Identity_Array,
input                IN RAW,
encryption_state     IN Crypto_Engine_State DEFAULT END_PROCESSING)
RETURN RAW;
TBD
Overload 7 dbms_crypto_toolkit.envelope(
persona              IN  Persona,
number_of_recipients IN  POSITIVE,
recipient_list       IN  Identity_Array,
input_string         IN  VARCHAR2,
enveloped_string     OUT VARCHAR2,
encryption_state     IN  Crypto_Engine_State DEFAULT END_PROCESSING);
TBD
Overload 8 dbms_crypto_toolkit.envelope(
persona              IN Persona,
number_of_recipients IN POSITIVE,
recipient_list       IN Identity_Array,
input_string         IN VARCHAR2,
encryption_state     IN Crypto_Engine_State DEFAULT END_PROCESSING)
RETURN VARCHAR2;
TBD
 
HASH
Generate a hash of the current message

Overload 1
dbms_crypto_toolkit.hash(
persona    IN  Persona,
input      IN  RAW,
hash       OUT RAW,
hash_state IN  Crypto_Engine_State DEFAULT END_PROCESSING);
TBD
Overload 2 dbms_crypto_toolkit.hash(
persona    IN Persona,
input      IN RAW,
hash_state IN Crypto_Engine_State DEFAULT END_PROCESSING)
RETURN RAW;
TBD
Overload 3 dbms_crypto_toolkit.hash(
persona      IN  Persona,
input_string IN  VARCHAR2,
hash         OUT RAW,
hash_state   IN  Crypto_Engine_State DEFAULT END_PROCESSING);
TBD
Overload 4 dbms_crypto_toolkit.hash(
persona      IN Persona,
input_string IN VARCHAR2,
hash_state   IN Crypto_Engine_State DEFAULT END_PROCESSING)
RETURN RAW;
TBD
 
INITIALIZE
Initialize the toolkit package for use dbms_crypto_toolkit.initialize;
exec dbms_crypto_toolkit.initialize;
 
KEYEDHASH
Generates a public key checksum

Overload 1
dbms_crypto_toolkit.keyedHash(
persona    IN  Persona,
input      IN  RAW,
keyed_hash OUT RAW,
hash_state IN  Crypto_Engine_State DEFAULT END_PROCESSING);
TBD
Overload 2 dbms_crypto_toolkit.keyedHash(
persona    IN Persona,
input      IN RAW,
hash_state IN Crypto_Engine_State DEFAULT END_PROCESSING)
RETURN RAW;
TBD
Overload 3 dbms_crypto_toolkit.keyedHash(
persona      IN  Persona,
input_string IN  VARCHAR2,
keyed_hash   OUT RAW,
hash_state   IN  Crypto_Engine_State DEFAULT END_PROCESSING);
TBD
Overload 4 dbms_crypto_toolkit.keyedHash(
persona      IN Persona,
input_string IN VARCHAR2,
hash_state   IN Crypto_Engine_State DEFAULT END_PROCESSING)
RETURN RAW;
TBD
 
OPENPERSONA
Opens a persona in the open wallet dbms_crypto_toolkit.openPersona(persona IN OUT Persona);
See Demo Below
 
OPENWALLET
Opens the identified wallet

Overload 1
dbms_crypto_toolkit.openWallet(
password                IN     VARCHAR2,
wallet                  IN OUT Wallet,
persona_list               OUT Persona_List,
wallet_resource_locator IN     VARCHAR2 DEFAULT NULL);
See Demo Below
Opens the wallet kept by the package

Overload 2
dbms_crypto_toolkit.openWallet(
password                IN     VARCHAR2,
persona_list               OUT Persona_List,
wallet_resource_locator IN     VARCHAR2 DEFAULT NULL);
TBD
 
PKDECRYPT
Decrypt for one recipient

Overload 1
dbms_crypto_toolkit.PKDecrypt(
persona          IN  Persona,
input            IN  RAW,
decrypted_data   OUT RAW,
decryption_state IN  Crypto_Engine_State DEFAULT END_PROCESSING);
TBD
Overload 2 dbms_crypto_toolkit.PKDecrypt(
persona          IN Persona,
input            IN RAW,
decryption_state IN Crypto_Engine_State DEFAULT END_PROCESSING)
RETURN RAW;
TBD
Overload 3 dbms_crypto_toolkit.PKDecrypt(
persona          IN  Persona,
input_string     IN  VARCHAR2,
decrypted_string OUT VARCHAR2,
decryption_state IN  Crypto_Engine_State DEFAULT END_PROCESSING);
TBD
Overload 4 dbms_crypto_toolkit.PKDecrypt(
persona          IN Persona,
input_string     IN VARCHAR2,
decryption_state IN Crypto_Engine_State DEFAULT END_PROCESSING)
RETURN VARCHAR2;
TBD
 
PKENCRYPT
Encrypt for one recipient

Overload 1
dbms_crypto_toolkit.PKEncrypt(
persona          IN  Persona,
recipient        IN  Identity,
input            IN  RAW,
encrypted_data   OUT RAW,
encryption_state IN  Crypto_Engine_State DEFAULT END_PROCESSING);
TBD
Overload 2 dbms_crypto_toolkit.PKEncrypt(
persona          IN Persona,
recipient        IN Identity,
input            IN RAW,
encryption_state IN Crypto_Engine_State DEFAULT END_PROCESSING)
RETURN RAW;
TBD
Overload 3 dbms_crypto_toolkit.PKEncrypt(
persona          IN  Persona,
recipient        IN  Identity,
input_string     IN  VARCHAR2,
encrypted_string OUT VARCHAR2,
encryption_state IN  Crypto_Engine_State DEFAULT END_PROCESSING);
TBD
Overload 4 dbms_crypto_toolkit.PKEncrypt(
persona          IN Persona,
recipient        IN Identity,
input_string     IN VARCHAR2,
encryption_state IN Crypto_Engine_State DEFAULT END_PROCESSING)
RETURN VARCHAR2;
TBD
Overload 5 dbms_crypto_toolkit.PKEncrypt(
persona              IN  Persona,
number_of_recipients IN  POSITIVE,
recipient_list       IN  Identity_Array,
input                IN  RAW,
encrypted_data       OUT RAW,
encryption_state     IN  Crypto_Engine_State DEFAULT END_PROCESSING);
TBD
Overload 6 dbms_crypto_toolkit.PKEncrypt(
persona              IN Persona,
number_of_recipients IN POSITIVE,
recipient_list       IN Identity_Array,
input                IN RAW,
encryption_state     IN Crypto_Engine_State DEFAULT END_PROCESSING)
RETURN RAW;
TBD
Overload 7 dbms_crypto_toolkit.PKEncrypt(
persona              IN  Persona,
number_of_recipients IN  POSITIVE,
recipient_list       IN  Identity_Array,
input_string         IN  VARCHAR2,
encrypted_string     OUT VARCHAR2,
encryption_state     IN  Crypto_Engine_State DEFAULT END_PROCESSING);
TBD
Overload 8 dbms_crypto_toolkit.PKEncrypt(
persona              IN Persona,
number_of_recipients IN POSITIVE,
recipient_list       IN Identity_Array,
input_string         IN VARCHAR2,
encryption_state     IN Crypto_Engine_State DEFAULT END_PROCESSING)
RETURN VARCHAR2;
TBD
 
RANDOMBYTES
Generates random bytes

Overload 1
dbms_crypto_toolkit.randomBytes(
persona                 IN  Persona,
number_of_bytes_desired IN  POSITIVE,
random_bytes            OUT RAW);
TBD
Overload 2 dbms_crypto_toolkit.randomBytes(
persona                 IN Persona,
number_of_bytes_desired IN POSITIVE)
RETURN RAW;
TBD
 
RANDOMNUMBER
Generates random numbers

Overload 1
dbms_crypto_toolkit.randomNumber(persona IN Persona, random_number OUT BINARY_INTEGER);
TBD
Overload 2 dbms_crypto_toolkit.randomNumber(persona IN Persona) RETURN BINARY_INTEGER;
TBD
 
REMOVEIDENTITY
Destroys an identity dbms_crypto_toolkit.removeIdentity(identity OUT Identity);
SQL> DECLARE
  2   RetVal dbms_crypto_toolkit_types.identity;
  3  BEGIN
  4    dbms_crypto_toolkit.removeIdentity(RetVal);
  5  END;
  6  /
DECLARE
*
ERROR at line 1:
ORA-28817: PL/SQL function returned an error.
ORA-06512: at "SYS.DBMS_CRYPTO_TOOLKIT_FFI", line 290
ORA-06512: at "SYS.DBMS_CRYPTO_TOOLKIT", line 253
ORA-06512: at line 4
 
REMOVEPERSONA
Removes a persona from a wallet dbms_crypto_toolkit.removePersona(persona IN OUT Persona);
TBD
 
SEEDRANDOM
Generates a random seed value
Overload 1
dbms_crypto_toolkit.seedRandom(persona IN Persona, seed IN RAW);
TBD
Overload 2 dbms_crypto_toolkit.seedRandom(persona IN Persona, seed IN VARCHAR2);
TBD
Overload 3 dbms_crypto_toolkit.seedRandom(persona IN Persona, seed IN BINARY_INTEGER);
TBD
 
SIGN
Create an attached signature associated with the current persona

Overload 1
dbms_crypto_toolkit.sign(
persona         IN  Persona,
input           IN  RAW,
signature       OUT RAW,
signature_state IN  Crypto_Engine_State
DEFAULT END_PROCESSING);
See Demo Below
Overload 2 dbms_crypto_toolkit.sign(
persona         IN Persona,
input           IN RAW,
signature_state IN Crypto_Engine_State DEFAULT END_PROCESSING)
RETURN RAW;
TBD
Overload 3 dbms_crypto_toolkit.sign(
persona         IN  Persona,
input_string    IN  VARCHAR2,
signature       OUT RAW,
signature_state IN  Crypto_Engine_State DEFAULT END_PROCESSING);
See Demo Below
Overload 4 dbms_crypto_toolkit.sign(
persona         IN Persona,
input_string    IN VARCHAR2,
signature_state IN Crypto_Engine_State DEFAULT END_PROCESSING)
RETURN RAW;
TBD
 
SIGNDETACHED
Creates a signature generated from a message kept separate from the message signature associated with the current persona

Overload 1
dbms_crypto_toolkit.signDetached(
persona         IN  Persona,
input           IN  RAW,
signature       OUT RAW,
signature_state IN  Crypto_Engine_State DEFAULT END_PROCESSING);
See Demo Below
Overload 2 dbms_crypto_toolkit.signDetached(
persona         IN Persona,
input           IN RAW,
signature_state IN Crypto_Engine_State DEFAULT END_PROCESSING)
RETURN RAW;
TBD
Overload 3 dbms_crypto_toolkit.signDetached(
persona         IN  Persona,
input_string    IN  VARCHAR2,
signature       OUT RAW,
signature_state IN  Crypto_Engine_State DEFAULT END_PROCESSING);
TBD
Overload 4 dbms_crypto_toolkit.signDetached(
persona         IN Persona,
input_string    IN VARCHAR2,
signature_state IN Crypto_Engine_State DEFAULT END_PROCESSING)
RETURN RAW;
TBD
 
STOREPERSONA
Stores the persona, a combination of an identity (public information) and associated private information

Overload 1
dbms_crypto_toolkit.storePersona(
persona IN OUT Persona,
wallet  IN OUT Wallet);
TBD
Used by applications that want to use the wallet kept by the package

Overload 2
dbms_crypto_toolkit.storePersona(persona IN OUT Persona);
SQL> DECLARE
  2   RetVal dbms_crypto_toolkit_types.persona;
  3  BEGIN
  4    dbms_crypto_toolkit.storePersona(RetVal);
  5  END;
  6  /
DECLARE
*
ERROR at line 1:
ORA-28836: Wallet is not open.
ORA-06512: at "SYS.DBMS_CRYPTO_TOOLKIT", line 172
ORA-06512: at line 4


-- follow the link at page bottom for "Wallet" to create a wallet and open it

SQL> DECLARE
  2   RetVal dbms_crypto_toolkit_types.persona;
  3  BEGIN
  4    dbms_crypto_toolkit.storePersona(RetVal);
  5  END;
  6  /
DECLARE
*
ERROR at line 1:
ORA-28836: Wallet is not open.
ORA-06512: at "SYS.DBMS_CRYPTO_TOOLKIT", line 172
ORA-06512: at line 4


SQL> SELECT status
  2  FROM v$encryption_wallet;

STATUS
-------
OPEN
 
STORETRUSTEDIDENTITY
Stores an identity as a trustpoint within a wallet dbms_crypto_toolkit.storeTrustedIdentity(
identity IN OUT Identity,
persona  IN     Persona);
TBD
 
TERMINATE
Stop Cryptographic Toolkit operation dbms_crypto_toolkit.terminate;
exec dbms_crypto_toolkit.terminate;
 
VALIDATE
Uses the trusted identities associated with a persona to validate an identity dbms_crypto_toolkit.validate(
persona  IN Persona,
identity IN Identity)
RETURN BOOLEAN;
TBD
 
VERIFY
Verify an attached signature

Overload 1
dbms_crypto_toolkit.verify(
persona                IN  Persona,
signature              IN  RAW,
extracted_message      OUT RAW,
verified               OUT BOOLEAN,
validated              OUT BOOLEAN,
signing_party_identity OUT Identity,
signature_state        IN  Crypto_Engine_State DEFAULT END_PROCESSING);
See Demo Below
Overload 2 dbms_crypto_toolkit.verify(
persona                IN  Persona,
signature              IN  RAW,
verified               OUT BOOLEAN,
validated              OUT BOOLEAN,
signing_party_identity OUT Identity,
signature_state        IN  Crypto_Engine_State DEFAULT END_PROCESSING)
RETURN RAW;
TBD
Overload 3 dbms_crypto_toolkit.verify(
persona                  IN  Persona,
signature                IN  RAW,
extracted_message_string OUT VARCHAR2,
verified                 OUT BOOLEAN,
validated                OUT BOOLEAN,
signing_party_identity   OUT Identity,
signature_state          IN  Crypto_Engine_State DEFAULT END_PROCESSING);
TBD
Overload 4 dbms_crypto_toolkit.verify(
persona                IN  Persona,
signature              IN  RAW,
verified               OUT BOOLEAN,
validated              OUT BOOLEAN,
signing_party_identity OUT Identity,
signature_state        IN  Crypto_Engine_State DEFAULT END_PROCESSING)
RETURN VARCHAR2;
TBD
 
VERIFYDETACHED
Verify a detached signature

Overload 1
dbms_crypto_toolkit.verifyDetached(
persona                IN  Persona,
data                   IN  RAW,
signature              IN  RAW,
verified               OUT BOOLEAN,
validated              OUT BOOLEAN,
signing_party_identity OUT Identity,
signature_state        IN  Crypto_Engine_State DEFAULT END_PROCESSING);
See Demo Below
Overload 2 dbms_crypto_toolkit.verifyDetached(
persona                IN  Persona,
data_string            IN  VARCHAR2,
signature              IN  RAW,
verified               OUT BOOLEAN,
validated              OUT BOOLEAN,
signing_party_identity OUT Identity,
signature_state        IN  Crypto_Engine_State DEFAULT END_PROCESSING);
TBD
 
Demo
This crypto toolkit demo was published by Oracle as:

Oracle Cryptographic Toolkit Programmer's Guide
Release 2.0.4
A54082-02
Sample PL/SQL Code

It has been modified for clarity and to fix a number of syntax errors that prevent the Oracle demo from compiling.
conn sys@pdbdev as sysdba
set serveroutput on

DECLARE
 all_done         BOOLEAN := FALSE;
 decrypted_string VARCHAR2 (2048);
 encrypted_string VARCHAR2 (2048);
 extracted_string VARCHAR2 (128);
 hash_string      VARCHAR2 (2048);
 persona          dbms_crypto_toolkit.persona;
 persona_list     dbms_crypto_toolkit.persona_list;
 recipient        dbms_crypto_toolkit.identity;
 signature        RAW(2048);
 signing_party    dbms_crypto_toolkit.identity;
 string_input     VARCHAR2(6) := '123456';
 string_validated BOOLEAN := FALSE;
 string_verified  BOOLEAN := FALSE;
 wallet           dbms_crypto_toolkit.wallet;

 -- package state flags
 initialized      BOOLEAN := FALSE;
 wallet_opened    BOOLEAN := FALSE;
 persona_opened   BOOLEAN := FALSE;

 encrypt_unsupported_msg VARCHAR2(64) := 'Encryption Unsupported - Ignoring Exception';

 done_exception EXCEPTION;
 operation_unsupported EXCEPTION;

 PRAGMA EXCEPTION_INIT (operation_unsupported, -28841);
BEGIN
  dbms_crypto_toolkit.initialize;
  initialized := TRUE;

  -- open wallet
  dbms_crypto_toolkit.openWallet('oracle1!', wallet, persona_list, 'default:');
  wallet_opened := TRUE;

  -- establish the identity associated with the first persona in the wallet
  dbms_output.put_line('Alias: ' || persona_list(1).alias);
  dbms_output.put_line('Comment: ' || persona_list(1).comment);
  persona.persona := persona_list(1).persona;
  recipient.descriptor := persona_list(1).identity;

  -- open the first persona
  dbms_crypto_toolkit.openPersona(persona);
  persona_opened := TRUE;

  -- create an attached signature associated with the current persona
  dbms_crypto_toolkit.sign(persona=>persona, input=>string_input, signature=>signature);

  -- verify the attached signature
  dbms_crypto_toolkit.verify(persona => persona,
                             signature => signature,
                             extracted_message => extracted_string,
                             verified => string_verified,
                             validated => string_validated,
                             signing_party_identity => signing_party);

  IF string_validated THEN
    dbms_output.put_line('Signature Validated');
  ELSE
    NULL;  -- need to handle failure condition
  END IF;

  IF string_verified THEN
    dbms_output.put_line('Verified');
  ELSE
    NULL;  -- need to handle failure condition
  END IF;

  -- create a detached signature associated with the current persona
  dbms_crypto_toolkit.signDetached(persona => persona,
                                  input => string_input,
                                  signature => signature);

  -- verify the detached signature
  dbms_crypto_toolkit.verifyDetached(persona => persona,
                                     data => string_input,
                                     signature => signature,
                                     verified => string_verified,
                                     validated => string_validated,
                                     signing_party_identity => signing_party);

  IF string_validated THEN
    dbms_output.put_line('Validated');
  ELSE
    NULL;  -- need to handle failure condition
  END IF;

  IF string_verified THEN
    dbms_output.put_line('Verified');
  ELSE
    NULL;  -- need to handle failure condition
  END IF;

  -- generate a hash of the current message
  dbms_crypto_toolkit.hash(persona => persona,
                           input => string_input,
                           hash => hash_string);

  IF string_input = hash_string THEN
    dbms_output.put_line('Hash Succeeded');
  END IF;

  all_done := TRUE;
  RAISE done_exception;
EXCEPTION
  WHEN OTHERS THEN
    -- close the current open persona
    IF persona_opened THEN
      dbms_crypto_toolkit.closePersona(persona);
    END IF;

    -- close the wallet
    IF wallet_opened THEN
      dbms_crypto_toolkit.closeWallet(wallet);
    END IF;

    -- stop Cryptographic Toolkit operation
    IF initialized THEN
      dbms_crypto_toolkit.terminate;
    END IF;

    IF NOT all_done THEN
      RAISE;
    END IF;
END;
/

Related Topics
DBMS_CRYPTO
DBMS_CRYPTO_FFI
DBMS_CRYPTO_INTERNAL
DBMS_CRYPTO_TOOLKIT_TYPES
DBMS_RANDOM
DBMS_SQLHASH
Packages
UTL_RAW
Wallet
What's New In 12cR1
What's New In 12cR2

Morgan's Library Page Footer
This site is maintained by Dan Morgan. Last Updated: This site is protected by copyright and trademark laws under U.S. and International law. © 1998-2017 Daniel A. Morgan All Rights Reserved