Blob UDFs
These UDFs can be used to encrypt and decrypt the data stored in the BLOB data type.
pty.ins_encrypt_blob
This function is used to encrypt the data stored in a BLOB with an encryption data element.
Signature:
pty.ins_encrypt_blob(dataelement CHAR, input_data BLOB , scid INTEGER)
Parameters:
| Name | Type | Description |
|---|---|---|
dataelement | CHAR | Specifies the name of the data element. |
input_data | BLOB | Specifies the input data. |
scid | BINARY_INTEGER | Specifies the security co-ordinate ID. Set the value of the parameter to zero. Note: This parameter is no longer used and is retained for compatibility purposes only. |
Returns:
This UDF returns the encrypted value as the BLOB data.
> Note: If you perform a protect operation with the input data as null or empty, then the output will be an empty_blob.
Exception:
If the user does not have protect privileges in the policy, then the UDF terminates with an error message explaining what went wrong.
Example:
select pty.ins_encrypt_blob('AES256',TO_BLOB('691F89CD2BCBF055EFD4F3B51470AEF6'),0) from dual;
Caution: A maximum of 1.5 GB of input data can be protected using the
pty.ins_encrypt_blobUDF. Thepty.ins_encrypt_blobUDF will return an unexpected behaviour if you exceed the maximum input data limit of 1.5 GB. For example:ORA-28579: network error during callback from external procedure agent.
pty.sel_decrypt_blob
This function is used to decrypt the encrypted data stored in a BLOB with an encryption data element.
Signature:
pty.sel_decrypt_blob (dataelement CHAR, input_data BLOB, scid INTEGER)
Parameters:
| Name | Type | Description |
|---|---|---|
dataelement | CHAR | Specifies the name of the data element. |
input_data | BLOB | Specifies the input data. |
scid | BINARY_INTEGER | Specifies the security co-ordinate ID. Set the value of the parameter to zero. Note: This parameter is no longer used and is retained for compatibility purposes only. |
Returns:
- This UDF returns the decrypted value as the BLOB data.
- This UDF returns the decrypted value as an EMPTY_BLOB, when the user has no access to the database.
Note: If you perform a protect operation with the input data as null or empty, then the output will be an
empty_blob.
Exception:
If the user does not have unprotect access rights in the policy, then the UDF terminates with an error message explaining what went wrong.
Example:
select pty.sel_decrypt_blob('AES256',pty.ins_encrypt_blob('AES256',TO_BLOB('691F89CD2BCBF055EFD4F3B51470AEF6'),0),0) from dual;
Feedback
Was this page helpful?