PACKAGE fnd_crypto AUTHID CURRENT_USER AS
/* $Header: AFSOCTKS.pls 120.2 2005/09/24 00:11:26 jnurthen noship $ */

--
-- Cryptographic helper API: symmetric encryption, hashing, MACs, random
-- values and RAW <-> VARCHAR2 encodings.
--
-- AUTHID CURRENT_USER: subprograms run with the privileges of the invoking
-- user (invoker's rights), not those of the package owner.
--
-- Only the specification is declared here; anything said below about
-- implementation behaviour is taken from the parameter descriptions and
-- must be confirmed against the package body.
--
-- CALLING NOTE: Encrypt, Decrypt and Mac declare a defaulted parameter
-- ahead of the mandatory "key".  To rely on such a default, use named
-- notation, e.g. Encrypt(plaintext => p, key => k).
--

------------------------------- CONSTANTS ---------------------------------

-- Hash algorithm selectors (hash_type of Hash).
-- MD5 is the only hash declared in this specification.  Practical
-- collision attacks exist for MD5; do not rely on it where collision
-- resistance matters, and do not use a bare hash to store passwords.
HASH_MD5           CONSTANT PLS_INTEGER := 2;

-- MAC algorithm selectors (mac_type of Mac).
-- NOTE(review): what HMAC_CRC computes is not visible in this
-- specification.  A CRC is not a cryptographic primitive, so confirm in the
-- package body what this selector provides before using it to detect
-- deliberate tampering.
HMAC_MD5           CONSTANT PLS_INTEGER := 1;
HMAC_CRC           CONSTANT PLS_INTEGER := 4;

-- Block cipher suites (crypto_type of Encrypt / Decrypt).
-- As the names indicate: DES or Triple-DES, CBC chaining, PKCS#5 padding.
-- Single DES has a 56-bit effective key and is not adequate for sensitive
-- data; of the two suites declared here prefer DES3_CBC_PKCS5, which is
-- also the declared default.
-- NOTE(review): the numeric values match the same-named DBMS_CRYPTO
-- constants; presumably they are passed through -- confirm in the body.
DES_CBC_PKCS5      CONSTANT PLS_INTEGER := 4353;
DES3_CBC_PKCS5     CONSTANT PLS_INTEGER := 4355;

-- Encoding formats (fmt_type of Encode / Decode).
-- Encodings only change representation; they provide no confidentiality.
ENCODE_B64         CONSTANT PLS_INTEGER := 1;  -- Base 64
ENCODE_URL         CONSTANT PLS_INTEGER := 2;  -- URL 64
ENCODE_ORC         CONSTANT PLS_INTEGER := 3;  -- URL 64 drop bits

-- Conversion formats.
-- NOTE(review): no subprogram declared in this specification takes a
-- conversion format; presumably consumed by the body or by callers.
CONVERT_ICX_STYLE  CONSTANT PLS_INTEGER := 1;  -- icx.CRC style


------------------------------- EXCEPTIONS --------------------------------

-- Invalid cipher suite.  Bound to ORA-28827 so callers can trap it by name
-- instead of testing SQLCODE.
InvalidCipherSuite EXCEPTION;
PRAGMA EXCEPTION_INIT(InvalidCipherSuite, -28827);


------------------------ FUNCTIONS AND PROCEDURES -------------------------

---------------------------------------------------------------------------
-- NAME: Encrypt
--
-- DESCRIPTION:
--   Encrypts plain text data with a stream or block cipher, using a
--   caller-supplied key and an optional IV.
--
-- PARAMETERS
--   plaintext   - Plaintext data to be encrypted
--   crypto_type - Stream or block cipher type plus modifiers
--                 (defaults to DES3_CBC_PKCS5)
--   key         - Key to be used for encryption
--   iv          - Optional IV for block ciphers.  Default all zeros.
--
-- RETURNS
--   The encrypted data as RAW.
--
-- SECURITY NOTES:
--   * With the default all-zero IV, CBC encryption is deterministic for a
--     given key: equal plaintexts, and plaintexts sharing leading blocks,
--     produce equal ciphertext blocks.  Pass a fresh, unpredictable IV for
--     every message and keep it with the ciphertext so that Decrypt can be
--     given the same value.
--   * The declared suites give confidentiality only.  Where tampering
--     matters, authenticate the ciphertext separately (for example with
--     Mac) and verify it before decrypting.
---------------------------------------------------------------------------
FUNCTION Encrypt (
    plaintext   IN RAW,
    crypto_type IN PLS_INTEGER DEFAULT DES3_CBC_PKCS5,
    key         IN RAW,
    iv          IN RAW         DEFAULT NULL
) RETURN RAW;


---------------------------------------------------------------------------
-- NAME: Decrypt
--
-- DESCRIPTION:
--   Decrypts crypt text data with a stream or block cipher, using a
--   caller-supplied key and an optional IV.
--
-- PARAMETERS
--   cryptext    - Crypt text data to be decrypted
--   crypto_type - Stream or block cipher type plus modifiers
--                 (defaults to DES3_CBC_PKCS5)
--   key         - Key to be used for decryption
--   iv          - Optional IV for block ciphers.  Default all zeros.
--                 Must be the IV that was used when encrypting.
--
-- RETURNS
--   The decrypted data as RAW.
--
-- SECURITY NOTES:
--   * NOTE(review): behaviour on malformed or tampered cryptext is not
--     shown in this specification.  Callers handling untrusted input
--     should verify a MAC first and should not report to the sender why a
--     decryption failed.
---------------------------------------------------------------------------
FUNCTION Decrypt (
    cryptext    IN RAW,
    crypto_type IN PLS_INTEGER DEFAULT DES3_CBC_PKCS5,
    key         IN RAW,
    iv          IN RAW         DEFAULT NULL
) RETURN RAW;


---------------------------------------------------------------------------
-- NAME: EncryptNum
--
-- DESCRIPTION:
--   Encrypts a number with DES_CBC.  The number is converted to binary
--   form (hexify then RAW), padded with leading ZEROs, encrypted and
--   encoded with URL-Safe Base64.
--
-- PARAMETERS
--   num - Number to be encrypted
--   key - Key to be used for encryption
--   iv  - Optional IV for block ciphers.  Default all zeros.
--
-- RETURNS
--   The encoded ciphertext as VARCHAR2.
--
-- SECURITY NOTES:
--   * As described, this routine uses single DES rather than Triple-DES,
--     and there is no crypto_type parameter to select another cipher.
--   * With the default IV the same num and key yield the same output, so
--     equal values can be recognised from their encrypted form.  Treat the
--     result as obfuscation rather than strong protection unless the body
--     shows otherwise.
---------------------------------------------------------------------------
FUNCTION EncryptNum (
    num IN NUMBER,
    key IN RAW,
    iv  IN RAW DEFAULT NULL
) RETURN VARCHAR2;


---------------------------------------------------------------------------
-- NAME: DecryptNum
--
-- DESCRIPTION:
--   Decrypts a VARCHAR2 to a number with DES_CBC.  The VARCHAR2 is decoded,
--   decrypted, hexified and converted to a number.
--
-- PARAMETERS
--   cryptext - Data to be decrypted into a number
--   key      - Key to be used for decryption
--   iv       - Optional IV for block ciphers.  Default all zeros.
--
-- RETURNS
--   The recovered NUMBER.
--
-- SECURITY NOTES:
--   * The declared contract includes no integrity check.  Do not treat a
--     successfully decrypted number as proof that the cryptext was issued
--     by this application; validate the result before using it.
---------------------------------------------------------------------------
FUNCTION DecryptNum (
    cryptext IN VARCHAR2,
    key      IN RAW,
    iv       IN RAW DEFAULT NULL
) RETURN NUMBER;


---------------------------------------------------------------------------
-- NAME: Hash
--
-- DESCRIPTION:
--   Hashes source data with the selected cryptographic hash type.
--
-- PARAMETERS
--   source    - Source data to be hashed
--   hash_type - Hash algorithm to be used (defaults to HASH_MD5)
--
-- RETURNS
--   The digest as RAW.
--
-- USAGE NOTES:
--   SHA-1 (HASH_SH1) is recommended.  Consider encoding the returned raw
--   value to hex or base64 prior to storage.
--
--   NOTE(review): no HASH_SH1 constant is declared in this specification
--   and the default is HASH_MD5, so the recommendation above cannot be
--   followed with the constants visible here -- confirm which hash_type
--   values the body accepts.  MD5 and SHA-1 both have known collision
--   attacks; neither should be chosen for new integrity or signature uses.
---------------------------------------------------------------------------
FUNCTION Hash (
    source    IN RAW,
    hash_type IN PLS_INTEGER DEFAULT HASH_MD5
) RETURN RAW;


---------------------------------------------------------------------------
-- NAME: Mac
--
-- DESCRIPTION:
--   Message Authentication Code algorithms provide keyed message
--   protection.
--
-- PARAMETERS
--   source   - Source data to be mac-ed
--   mac_type - Mac algorithm to be used (defaults to HMAC_MD5)
--   key      - Key to be used for mac
--
-- RETURNS
--   The MAC value as RAW.
--
-- USAGE NOTES:
--   Callers should consider encoding the returned raw value to hex or
--   base64 prior to storage.
--
-- SECURITY NOTES:
--   * Use a key that is separate from any encryption key.
--   * See the note on HMAC_CRC in the constants section before selecting
--     that mac_type.
---------------------------------------------------------------------------
FUNCTION Mac (
    source   IN RAW,
    mac_type IN PLS_INTEGER DEFAULT HMAC_MD5,
    key      IN RAW
) RETURN RAW;


---------------------------------------------------------------------------
-- NAME: RandomBytes
--
-- DESCRIPTION:
--   Returns a raw value containing a pseudo-random sequence of bytes.
--
-- PARAMETERS
--   number_bytes - Number of pseudo-random bytes to be generated.
--                  Declared POSITIVE, so values below 1 are rejected.
--
-- USAGE NOTES:
--   number_bytes should not exceed the maximum RAW length.
--
-- SECURITY NOTES:
--   * NOTE(review): the source of randomness is not visible in this
--     specification.  Confirm in the body that it is cryptographically
--     strong before using the output for keys, IVs or session tokens.
---------------------------------------------------------------------------
FUNCTION RandomBytes (
    number_bytes IN POSITIVE
) RETURN RAW;


---------------------------------------------------------------------------
-- NAME: RandomNumber
--
-- DESCRIPTION:
--   Returns a random NUMBER, 16 bytes.
--
-- PARAMETERS
--   None.
---------------------------------------------------------------------------
FUNCTION RandomNumber
RETURN NUMBER;


---------------------------------------------------------------------------
-- NAME: SmallRandomNumber
--
-- DESCRIPTION:
--   Returns a small random NUMBER, 4 bytes.
--
-- PARAMETERS
--   None.
--
-- SECURITY NOTES:
--   * Four bytes allow only about 4.3 billion distinct values; too few for
--     a value that must be unguessable.
---------------------------------------------------------------------------
FUNCTION SmallRandomNumber
RETURN NUMBER;


---------------------------------------------------------------------------
-- NAME: Encode
--
-- DESCRIPTION:
--   Encodes a RAW into the specified format (ENCODE_*).
--
-- PARAMETERS
--   source   - Source data to be encoded
--   fmt_type - Encoding type for raw to varchar2
---------------------------------------------------------------------------
FUNCTION Encode (
    source   IN RAW,
    fmt_type IN PLS_INTEGER
) RETURN VARCHAR2;


---------------------------------------------------------------------------
-- NAME: Decode
--
-- DESCRIPTION:
--   Decodes a VARCHAR2 into RAW using the specified format (ENCODE_*).
--
-- PARAMETERS
--   source   - Source data to be decoded
--   fmt_type - Encoding type for varchar2 to raw
---------------------------------------------------------------------------
FUNCTION Decode (
    source   IN VARCHAR2,
    fmt_type IN PLS_INTEGER
) RETURN RAW;


---------------------------------------------------------------------------
-- NAME: RandomString
--
-- DESCRIPTION:
--   Returns a random VARCHAR2 of length len, made up of user-specified
--   characters.
--
--   If the output of this function is used to generate passwords, it is
--   the caller's responsibility to ensure that the generated password
--   conforms to any password rules.  This routine merely generates a
--   random fixed-length string from an input mask.
--
--   If sublen is specified, a second mask, sublen_msk, is used for the
--   first sublen characters of len.  This is useful when an object has
--   rules such as "the first character of the generated string must be
--   non-numeric".
--
--   sublen_msk defaults to A-Z
--   msk        defaults to A-Z,0-9
--
-- PARAMETERS
--   len                   - Length of the string, up to 1000
--   msk (optional)        - The type of mask (masks can be found in
--                           FND_CRYPTO_CONSTANTS)
--   sublen (optional)     - The number of initial characters drawn from
--                           sublen_msk
--   sublen_msk (optional) - An optional mask for the first sublen
--                           characters
--
-- ERROR CONDITIONS
--   Throws VALUE_ERROR if
--     len is greater than 1000
--     sublen > len
--     msk is null or sublen_msk is null
--
-- SECURITY NOTES:
--   * The number of possible strings depends on len and on the size of the
--     masks; a short len or a narrow mask makes the result easier to guess.
---------------------------------------------------------------------------
FUNCTION RandomString (
    len        IN INTEGER,
    msk        IN VARCHAR2 DEFAULT FND_CRYPTO_CONSTANTS.ALPHANUMERIC_UPPER_MASK,
    sublen     IN INTEGER  DEFAULT 0,
    sublen_msk IN VARCHAR2 DEFAULT FND_CRYPTO_CONSTANTS.ALPHABETIC_UPPER_MASK
) RETURN VARCHAR2;


END fnd_crypto;