Can DBMS_CRYTO Package encrypt using a HMAC-SHA-1 Signature?

Similar Messages

• Can DBMS_ADVISOR package be used for SQL Tuning Advisor ?

  Can DBMS_ADVISOR package be used for SQL Tuning Advisor ?

  SQL> SELECT * from v$version;
  BANNER
  Oracle Database 11g Enterprise Edition Release 11.1.0.6.0 - Production
  PL/SQL Release 11.1.0.6.0 - Production
  CORE    11.1.0.6.0      Production
  TNS for 32-bit Windows: Version 11.1.0.6.0 - Production
  NLSRTL Version 11.1.0.6.0 - Production

• Why can I no longer use an image for my signature on forms?  The only option I have now is "use a certificate".  It was never like this until today.

  Why can I no longer use an image for my signature on forms?  The only option I have now is "use a certificate".  It was never like this until today.

  Hi,
  I had never heard of someone using the iPhone Number as the ID in the iMessages account in the Mac version.
  i.e without adding an Apple ID
  iMessages does allow iPhone numbers and mine lists mine.
  I would try this.
  Sign Out of the iMessages account and Quit Messages
  On the iPhone in Settings > Messages remove the Apple ID
  Set the iPhone to Airplane mode for a few minutes (to break with the  Server)
  On starting the phone up again check the iPhone Number  is ticked for iMessages.
  If it is add the Apple ID
  On the Mac restart Messages
  Add the Apple ID
  At this point you should get a pop up or two saying the iPhone is using the Number and Apple ID.
  Accept these and they get added to the Receive At list and Send From drop down.
  9:41 pm      Monday; October 28, 2013
    iMac 2.5Ghz 5i 2011 (Mavericks 10.9)
   G4/1GhzDual MDD (Leopard 10.5.8)
   MacBookPro 2Gb (Snow Leopard 10.6.8)
   Mac OS X (10.6.8),
   Couple of iPhones and an iPad

• How can I encrypt(using PKI credential) a package/portfolio using Assembler Service

  Hi All,
  I have found a way to encrypt (using password credential) a package/
  portfolio using a DDX and calling invokeDDX service of Assembler
  Service. see the DDX snippet below
  How  can I do the PKI based encryption on the package. I couldn't find
  any DDX element for this.
  snippet:
  <?xml version="1.0" encoding="UTF-8"?>
    <DDX xmlns="http://ns.adobe.com/DDX/1.0/">
       <PDF result="GeneratedDocument.pdf" encryption="userProtect" >
          <PDF source="cover"/>
             <PackageFiles>
             <PDF source="attachments"/>
          </PackageFiles>
         </PDF>
        <PasswordEncryptionProfile name="userProtect">
                   <OpenPassword>abcd1234</OpenPassword>
       </PasswordEncryptionProfile>
    </DDX>
  Thanks
  greenday

  The documentation lists all the encyrption types:
  http://download.oracle.com/docs/cd/B19306_01/appdev.102/b14258/d_crypto.htm#ARPLS664

• How to find length of string after encryption using DBMS_CRYPTO package

  Hi,
  I am planning do data encryption using DBMS_CRYPTO package. I want to find how much will be string length after encryption.
  e.g When I try to encrypt string of length between 1-15 characters it gives me encrypted string of 32 characters. When I try with 16 charcters encrypted string is of 64 characters.
  Is ther any formula to calculate length of encrypted string?
  Thanks
  Pravin

  The length change is dependent upon the algorithm you are using which can be a combination of cipher block, padding, and chaining.
  The best solution is determine the method you are going to use and apply it to the l ongest possible strings you are going to proces, then add some safety margin. There iis no penalty for defining your column as VARCHAR2(4000).

• Can my MacBook Pro use boot camp with Windows 7 with BitLocker encryption?

  I'm at wit's end with this, and I'm hoping I can get some advice here.  I've read so many forum, posts and reviews that I'm not entirely sure what I can trust.
  I have an early 2011 MacBook Pro (MacBookPro8,3). I need to run Windows encrypted for work purposes. It needs to be real windows with full-disk encryption (FDE). The business tools run in boot camp, but not in Parallels, because Parallels doesn't support DirectX 11. I would also benefit greatly from an SSD.
  I do not want to do anything hacky like removing the Mac reocovery partition, because I've read that just loading Disk Utility in OS X might mess up your patrition boot tables as it tries to "fix" things. I don't want to have to manually reocover to fix stuff or chance losing data.
  I have read (and tried) installing BitLocker on Windows 7 Ultimate under boot camp, but ran into the partition limit on my internal HDD. A maximum of 4 partitions are allowed, and between OS X, its recovery, boot camp, and the Windows partition, all 4 are used.
  I have considered one of the following, which may work:
  Install OWC's Data Doubler Kit with an additional 240GB SSD (http://eshop.macsales.com/item/OWC/DDMBS6E240/). I would replace the internal SuperDrive with the HDD, and install the new SSD on the faster SATA 6G port. Windows would be installed on the SSD and OS X would stay on the HDD.
  Replace the internal HDD with a new SSD (keeping the SuperDrive). I would lose OS X altogether and just have Windows installed.
  Forget the entire thing and just buy a PC for work.
  My thoughts are that with option both options #1 and #2, I don't even know if these setups will allow BitLocker. In both cases, Windows will be the only partition on the drive, so I'm assuming that when BitLocker is installed, there will be room for the new partition it creates. With option #1, I'm pretty sure I'd still be using Boot Camp, but how would that would for option #2? Is boot camp used even though there is no Mac partition? Would I still need to keey the Mac Recovery partition for this to work? I'd probably need to use Boot Camp drivers under Windows, I think.
  I'd certainly be interested in using a self-encrypting drive (SED), especially a SSD, but I'm concerned that most of them appear to require TPM or BIOS functions that Mac's EFI does not provide. Such a drive would allow me to drop BitLocker, but I would need to be use the self-encryption actually works on this setup. From what I've read, most of the SED drives will work just fine under EFI, but you won't be able to set or access the encryption password, which pretty much makes these drives unencrypted.
  I've read that BitLocker can be configured to use a flash drive as a decryption key, but I haven't been able to test that yet. I'm tried creating bootable flash drives under Windows and OS X, and none of them seem to appear when I access the boot menu (hold option during boot chime). I don't even know if this system supports bootable USB flash drives, or whether they can be used as a BitLocker key under boot camp.
  For the record, I have attempted to use an external thunderbolt drive as my Windows partition, but Windows doesn't want to be installed on removable media, and even if it worked, I believe you can only boot OS X from thunderbolt. I do have a second OS X install booting from the thunderbolt drive, so I know that works. Also, FileVault 2 is installed on my OS X partition, and I read something about FV2 using the Recovery partition somehow so you can't remove the recovery partition to make room for BitLocker.
  So ... does anyone have any suggestions preferably based on personal experience as to whether options #1 or #2 should work for my needs?
  At this point, I'm really thinking I should just bite the bullet and purchase a PC that I will forever look down upon.

  Are you using a MacBook Pro? Is everything installed on the same drive?
  I would love to know how that install was performed. When I install Windows under boot camp, my MacBook Pro drive ends up with 4 partitions: Mac, Mac Recovery, Windows, and a small partition that I believe is used by boot camp.
  Installing BitLocker on Windows requires the creation of a new small partition that Windows will boot off. The small partition is unencrypted, while the primary Windows partition will get encrypted. The following post discusses the maximum partition issue: https://discussions.apple.com/message/22753791#22753791
  Has anyone installed Windows through boot camp on it's own drive, and if so, can BitLocker be installed on that without reaching any partition limit? I'm assuming that's possible, but would like to know before I spend hundreds on new hardware.

• I tried to encrypt using file vault but it froze slowing my macbook pro, how can i get things moving or stop the encryption

  i tried to encrypt using file vault but it froze slowing my macbook pro, how can i get things moving or stop the encryption

  Back up all data before proceeding. There are ways to back up a computer that isn't fully functional. Ask if you need guidance.
  Start up in Recovery mode. When the OS X Utilities screen appears, select Disk Utility.
  In the Disk Utility window, select the icon of the startup volume from the list on the left. It will be nested below another disk icon, usually with the same name. Click the Unlock button in the toolbar. When prompted, enter the login password of a user authorized to unlock the volume, or the alternate decryption key that was generated when you activated FileVault.
  Then, from the menu bar, select
            File ▹ Turn Off Encryption
  Enter the password again.
  You can then restart as usual, if the system is working. Decryption will be completed in the background. It may take several hours, and during that time performance will be reduced.
  If you can't turn off encryption in Disk Utility because the menu item is grayed out, you'll have to erase the volume and then restore the data from a backup. Select the Erase tab, and then select
            Mac OS Extended (Journaled)
  from the Format menu.
  You can then quit to be returned to the main Recovery screen. Follow these instructions if you back up with Time Machine. If you use other backup software, follow its developer's instructions.
  Don't erase the volume unless you have at least two complete, independent backups. One is not enough to be safe.

• How can a type defined in a PL/SQL package be used by an object?

  How can a type defined in a PL/SQL package be used by an object?
  In the PL/SQL Reference manual it says that object attributes can be
  types defined inside a PL/SQL package: How do you make this work?
  Here is a sample that demonstrates what I am trying to do:
  CREATE OR REPLACE
  PACKAGE Phone IS
  TYPE Phone_rectype IS RECORD (
  Main VARCHAR2(12),
  Home VARCHAR2(12),
  Business VARCHAR2(12),
  Mobile VARCHAR2(12),
  Fax VARCHAR2(12),
  Pager VARCHAR2(12)
  END Phone;
  CREATE OR REPLACE
  TYPE customer_type
  AS OBJECT (
  CustNo NUMBER,
  CustName VARCHAR2(30),
  PhoneNumber Phone.Phone_rectype
  This is the error that i get:
  Warning: Type created with compilation errors.
  Errors for TYPE CUSTOMER_TYPE:
  LINE/COL ERROR
  0/0 PL/SQL: Compilation unit analysis terminated
  5/15 PLS-00201: identifier 'PHONE.PHONE_RECTYPE' must be declared
  null

  That's a good point, Justin - thanks for the advice. At the moment, our process of data validation isn't very well defined, so the table definitions aren't always the same beyond a core set. As we get more automated and able to develop table definitions flexible enough to accomodate all the quirks in client data, I may be able to consider moving to a single schema to take advantage of maintenance and performance improvements. My ultimate concern with doing that is that the datasets we're dealing with can be tens of millions of rows in size. Clearly, I'm no DBA, but I just assumed that we would be able to churn through these datasets faster if they were in a schema by themselves rather than lumped together into one huge half-a-billion row table?

• Can the multi-sco packager be used to package Muse projects for LMS?

  We are currently experimenting with Muse, and we are interested in the posibility of using Muse to develop eLearning courses. Is there any way that Muse projects can be packaged into a zip file that can be loaded into an LMS? Perhaphs using Captivate's multi-sco packager?

  Captivate's Multi-SCORM Packager is purely for Captivate content and it usually has to be created by a specific version of Captivate to be compatible with a specific version of the packager app.  So, the answer is most likely to be no.

• Can an Access 2013 accdb file be encrypted using command line switches?

  Can an Access 2013 accdb file be encrypted using command line switches?
  I found all the command switches, but nothing about encrypting.  And I've searched online and found nothing.
  Can this be done?
  Thanks!

  Hi Sharon2000,
  I think you could try the Database.NewPassword Method (DAO) in the VBScript file, and you could get more information about it from the link below:
  #Database.NewPassword Method (DAO)
  https://msdn.microsoft.com/en-us/library/office/ff844754.aspx
  Here is a simple demo to achieve your issue.
  Best Regards,
  Edward
  We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
  Click HERE to participate the survey.

• How can I deploy EFS using Group Policy and automatically encrypt computers for ALL users who login?

  How can I deploy EFS using Group Policy and Active Directory with a goal to automatically encrypt computers for ALL users who login? (NOT an option for me to use BitLocker)
  I was asked to deploy EFS to encrypt the user my documents folder and profile on all of the users laptops. The laptops are in common areas (board meeting rooms, etc) and security of files is a must.
  I successfully created a recovery certificate in AD. I created an OU and setup an EFS policy and users can now login and select to encrypt their own files. The issue is that management would like to have automaticy Encrypt ALL users my documents AUTOMATICALLY
  when a user login.
  Can this be done?
  Please help

  Hi,
  Any update?
  Just checking in to see if the suggestions were helpful. Please let us know if you would like further assistance.
  Best Regards,
  Andy Qi
  TechNet Subscriber Support
  If you are
  TechNet Subscription user and have any feedback on our support quality, please send your feedback
  here.
  Andy Qi
  TechNet Community Support

• How can I use UC4 instead of SSIS Master Package deployed using project deployment model?

  Hi Folks,
  My team is planning to opt UC4 for scheduling the SQL Jobs and I have to come up with a plan to integrate it. 
  As of now, I do not have software licence in place to do some research. 
  If you have worked on it, can you tell me that how can I schedule SSIS packages using UC4. 
  Also, we are using SSIS project parameters (Project deployment Model). What kind of changes I have to make in SSIS packages to support UC4. Is it possible to pass parameters to SSIS package through UC4? If not, is there any alternativ?
  Appreciate your help!
  Gaurav Gupta

  If you have access to Automic Community, there are details there on how to execute SSIS 2012 packages deployed in SSISDB catalog (project deployment model). Here is the link:
  https://community.automic.com/discussion/4878/how-to-execute-sql-server-data-tools-ssdt-2012-package-synchronously-using-sql-job
  Leonard

• Can a nook be used with os7

  Can a Nook be used with Apple products?  I don't want network or virus problems.

  Android is the most malware-prone, insecure platform there is - but millions of users seem to survive without dropping like flies!
  I can't answer Q.1 but as for Q2:
  How safe is your smartphone? (Android is the top malware collector)
  A major source of malware, apart from sites like Facebook and Hotmail, is the Android Marketplace:
  More than 50 applications available via the official Android Marketplace were initially found to contain a virus.
  Analysis suggests that the booby-trapped apps may have been downloaded up to 200,000 times. The apps are also known to be available on unofficial Android stores too. Once a booby-trapped application is installed and run, the virus lurking within, known as DroidDream, sends sensitive data, such as a phone's unique ID number, to a remote server. It also checks to see if a phone has already been infected and, if not, uses known exploits to bypass security controls and give its creator access to the handset. This bestows the ability to install any code on a phone or steal any information from it.
  Remote removal of the booby-trapped apps may not solve all the security problems they pose. The remote kill switch will not remove any other code that may have been dropped onto the device as a result of the initial infection.
  Moreover, more than 99% of Android phones are potentially leaking data that, if stolen, could be used to get the information they store online.
  http://www.bbc.co.uk/news/technology-13422308
  The data being leaked is typically used to get at web-based services such as Google Calendar.
  The open nature of the Android platform was a boon and a danger, and as Facebook have already discovered it is also a very attractive criminal playground.
  http://www.bbc.co.uk/news/technology-12633923
  Smartphones and social networking sites are likely to become the next big target for cyber criminals, according to a security industry report.
  Symantec's annual threat analysis warns that the technologies are increasingly being used to spread malicious code
  Users of Facebook, Twitter and Google's mobile operating system, Android, are said to be particularly vulnerable.
  In several cases, the security holes were exploited and used to install harmful software on Android handsets - suggesting that criminals now view smartphone hacking as a potentially lucrative area, and Android is still in the firing line:
  http://www.bbc.co.uk/news/uk-15600697
  Android: it's getting worse: Juniper found a 400% increase in Android malware from 2009 to the summer of 2010.  We have since seen exponential grow in Android malware over the last several months. The Juniper Global Threat Center found that the months of October and November are shaping up to see the fastest growth in Android malware discovery in the history of the platform. The number of malware samples identified in September increased by 28% over the number of the known Android malware samples. October showed a 110% increase in malware sample collection over the previous month and a striking 171% increase from what had been collected up to July 2011.
  July 2012: Smartphones running Google's Android software have been hijacked by an illegal botnet, according to a Microsoft researcher.
  Botnets are large illegal networks of infected machines - usually desktop or laptop computers - typically used to send out masses of spam email.
  Researcher Terry Zink said there was evidence of spam being sent from Yahoo mail servers by Android devices:  http://www.bbc.co.uk/news/technology-18720565
  One question Juniper always get when discussing our research is if Apple’s iOS is more or less secure than Android? Maybe, but it’s not necessarily because of the security or lack of vulnerabilities in the platforms themselves. The main reason for the malware epidemic on Android is because of different approaches that Apple and Google take to police their application stores. Android’s open applications store model, which the lacks code signing and an application review process that Apple requires, makes it easy for attackers to distribute their malware. There is still no upfront review process in the official Android Market that offers even the hint of a challenge to malware writers that their investment in coding malware will be for naught.
  http://globalthreatcenter.com/?p=2492
  At least six different varieties of malware were discovered hidden in applications that were distributed through a Chinese download service.
  Several pieces of malware were also found on iPhones, however only devices that had been "jailbroken" to bypass Apple's security were affected.
  The company's process of pre-vetting all new applications is believed to have spared its devices from a major attack.
  (Apple closed out 2011 with a commanding 52.1 percent share of mobile devices tracked browsing the Web, while Google's Android had just 16.2 percent.)
  And most recently this:
  Millions of people are using Android apps that can be tricked into revealing personal data, research indicates.
  Scientists tested 13,500 Android apps and found almost 8% failed to protect bank account and social media logins.
  These apps failed to implement standard scrambling systems, allowing "man-in-the-middle" attacks to reveal data that passes back and forth when devices communicate with websites.
  http://www.bbc.co.uk/news/technology-20025973
  And this:
  Freezing an Android phone can help reveal its confidential contents, German security researchers have found.
  The team froze phones for an hour as a way to get around the encryption system that protects the data on a phone by scrambling it.
  Google introduced the data scrambling system with the latest version of Android called Ice Cream Sandwich.
  The attack allowed the researchers to get at contact lists, browsing histories and photos.
  http://www.bbc.co.uk/news/technology-21697704
  Update from May 2013:
  Malware targeting mobile devices is rapidly growing in both the number of variants found in the wild and in their complexity and sophistication, but the only platform being actively targeted is Google's Android, which researchers now say is resembling Windows on the desktop PC.
  http://appleinsider.com/articles/13/05/14/mobile-malware-exploding-but-only-for- android
  And in early June 2013 a highly toxic trojan began attacking the Android platform:
  According to reports:
  Obad.a exploits previously unknown Android bugs, uses Bluetooth and Wi-Fi connections to spread to near-by handsets, and allows attackers to issue malicious commands using standard SMS text messages.
  By exploiting this vulnerability, malicious applications can enjoy extended Device Administrator privileges without appearing on the list of applications which have such privileges," Unuchek said. "As a result of this, it is impossible to delete the malicious program from the smartphone after it gains extended privileges."
  More information here:
  http://arstechnica.com/security/2013/06/behold-the-worlds-most-sophisticated-and roid-trojan
  A recent study on smartphone malware has found that 92 percent of nefarious mobile software is targeted at Google's Android platform, and the amount of attacks are growing:
  The latest data released in June 2013 by Juniper Networks reveals that Android malware has grown at a "staggering rate" over the last three years. In 2010, it accounted for just 24 percent of all mobile malware, while as of this March the platform accounts for nearly all of it.
  In the last year alone, the total number of malicious apps has grown 614 percent to 276,259. The annual Mobile Threats support also identified more than 500 third-party Android application stores worldwide that are known to host mobile malware.
  http://newsroom.juniper.net/press-releases/juniper-networks-finds-mobile-threats -continue-ram-nyse-jnpr-1029552
  The far reaching vulnerability, discovered by San Francisco's Bluebox Security, involves "discrepancies in how Android applications are cryptographically verified & installed, allowing for APK code modification without breaking the cryptographic signature."
  Android apps (packaged as an "APK") are signed with an encryption key (just like iOS apps) to prevent a malicious party from changing the code. Signed apps are expressly designed to enable the system to detect any tampering or modification.
  However, due to the newly discovered Android flaw, a rogue developer can trick the system into thinking that a compromised app is still legitimate, giving it system wide access to do virtually anything.
  "A device affected by this exploit could do anything in the realm of computer malice, including become a part of a botnet, eavesdrop with the microphone, export your data to a third party, encrypt your data and hold it hostage, use your device as a stepping stone to another network, attack your connected PC, send premium SMS messages, perform a DDoS attack against a target, or wipe your device," a representative of the company wrote AppleInsider:
  http://appleinsider.com/articles/13/07/03/security-flaw-opens-all-modern-android -devices-to-zombie-botnet-takeover
  The problem (with Android) is: that committee design has failed to make Android a good platform for either users or for developers. By not making any hard choices and giving people what they said they wanted, Google simply abandoned the future to cling tenaciously to the past.
  Rather than conceptualizing and engineering really new solutions to historical computing problems as Apple did with iOS, Google has only attempted to wrest control away from iOS via volume shipments and has effectively sent mobile computing back in time into the 1990s, resulting in the same malware, spyware, viruses and usability issues of Windows.
  http://appleinsider.com/articles/13/07/14/editorial-googles-android-haunted-by-s teve-jobs-warnings-on-app-signing-security
  The Department of Homeland Security considers the malware threat from Android so serious that they issued a public warning on July 23, 2013:
  http://info.publicintelligence.net/DHS-FBI-AndroidThreats.pdf

• Date field encryption using Dbms_Obfuscation_Toolkit.DESENCRYPT

  Hi,
  I need to encrypt the date field in the table using Dbms_Obfuscation_Toolkit.DESENCRYPT .
  This is an table is an existing table and is accessed by many interfaces, so we cannot change the column type of this date field.
  Is there a possibility of encrypting the date field and store it in the same column (DATE type).
  And access this using Dbms_Obfuscation_Toolkit.DESDECRYPT.
  We are using Oracle 11.2.0.2.0.
  Thanks in advance.
  Agathya

  >
  Is there a possibility of encrypting the date field and store it in the same column (DATE type).
  >
  No - the DESENCRYPT procedure returns a RAW value which can't be stored in a DATE column.
  See DESENCRYPT Procedures and Functions in Chapter 82 (DBMS_OBFUSCATION_TOOLKIT) of the PL/SQl Packages and Types Doc
  http://docs.oracle.com/cd/B28359_01/appdev.111/b28419/d_obtool.htm#i997215
  For what you want to do just use the ENCRYPT option of the CREATE TABLE or ALTER TABLE statements.
  See Using Transparent Data Encryption in the Advanced Security Admin Guide
  http://docs.oracle.com/cd/B28359_01/network.111/b28530/asotrans.htm#BABJJAIG
  >
  3.2 Using Transparent Data Encryption
  The following steps discuss using transparent data encryption:
  •Enabling Transparent Data Encryption
  •Setting and Resetting theMaster Encryption Key
  •Opening the Encrypted Wallet
  •Creating Tables with Encrypted Columns
  •Encrypting Columns in Existing Tables
  •Creating an Index on an Encrypted Column
  •Adding or Removing Salt from an Encrypted Column
  •Changing the Encryption Key or Algorithm for Tables Containing Encrypted Columns
  >
  Section 3.2.5.2 Encrypting an Unencrypted Column shows the ALTER TABLE statement for encrypting an existing column - this would leave the column as a DATE and you would work with it normally
  >
  3.2.5.2 Encrypting an Unencrypted Column
  To encrypt an unencrypted column, use the ALTER TABLE MODIFY command, specifying the unencrypted column with the ENCRYPT clause. Example 3-7 encrypts the first_name column in the employee table.
  Example 3-7 Encrypting an Unencrypted Column
  ALTER TABLE employee MODIFY (first_name ENCRYPT);
  The first_name column is encrypted with the default AES192 algorithm. Salt is added to the data, by default.
  You can choose to encrypt the column using a different algorithm. You can also specify NO SALT, if you wish to index the column.

• Triple DES CBC Encryption using an Initial Vector

  How can triple DES encryption in CBC be done using the javacard package and not javax?
  Will this do?
                 cipher3DESCBCDebSesKey1.init( key, Cipher.MODE_ENCRYPT, initVector, (short) 0, (short) 8);
                 cipher3DESCBCDebSesKey1.doFinal( input, (short) 0, (short) 16, SesKey, (short) 0 );
  After all the initialization, will the doFinal already give me the result of triple DES using CBC? or do I have to init* and doFinal* three times?
  Also, I used the no pad setting for this one.
  cipher3DESCBCDebSesKey1 = Cipher.getInstance( Cipher.ALG_DES_CBC_NOPAD, false );

  The fact that only the first block is corrupt is indicative that I you are not using the same IV on both sides. This is confirmed by your PHP code that seems to generate a random IV so your chance of getting the same IV on both sides is just about zero.