使用 Oracle的存储过程实现数据加密和解密

 我们都知道,几乎所有的数据库都有存储过程,但在实际开发中,它有什么用途了?下面使用Oracle的存储过程,采用Oracle自带的dbms_obfuscation_toolkit.desencrypt对数据进行加密,需要注意的是密码的长度必须为8的倍数,然后使用Java来调用这个存储过程。

  具体的实现实例:

一、创建一个加密和解密的存储过程

第一步 创建表admin

create table admin(

ADMIN_ID number(10) primary key,

ADMIN_NAME varchar2(40) unique,

ADMIN_PWD varchar2(16) unique,

ADMIN_REALNAME varchar2(60),

ADMIN_EMAIL varchar2(60)

);

create sequence admin_seq;

第二步 插入数据

insert into admin values(admin_seq.nextval,'afeng','afeng1232323we23','陈征峰','[email protected]');

select * from admin;

第三步 创建一个存储过程对ADMIN_PWD进行加密

CREATE OR REPLACE PROCEDURE Encrypt_admin(adminNAME varchar2)

  is

  keyString VARCHAR2(8) := 'czfafeng';

  encryptedString VARCHAR2(2048);

  pwdString VARCHAR2(2048);

  BEGIN

  select ADMIN_PWD into pwdString

  from admin

  where ADMIN_NAME = adminNAME;

  dbms_obfuscation_toolkit.desencrypt(

  input_string => pwdString,

  key_string => keyString,

  encrypted_string => encryptedString);

  update admin set ADMIN_PWD = encryptedString

  where ADMIN_NAME = adminNAME;

  commit;

  END;

第四步 调用加密过程

begin

  Encrypt_admin('afeng');

end;

第五步 创建一个存储过程对ADMIN_PWD进行解密后写入数据库

  CREATE OR REPLACE PROCEDURE decrypt_admin(adminNAME varchar2)

  is

  keyString VARCHAR2(8) := 'czfafeng';

  decryptedString VARCHAR2(2048);

  pwdString VARCHAR2(2048);

  BEGIN

  select ADMIN_PWD into pwdString

  from admin

  where ADMIN_NAME = adminNAME;

 

  dbms_obfuscation_toolkit.DESDecrypt(

  input_string => pwdString,

  key_string => keyString,

  decrypted_string => decryptedString);

  update admin set ADMIN_PWD = decryptedString

  where ADMIN_NAME = adminNAME;

  commit;

  END;

  第六步 调用解密过程

  begin

decrypt_admin('afeng');

end;

第七步 创建一个存储过程对ADMIN_PWD进行解密,并输出

CREATE OR REPLACE PROCEDURE decrypt_admin(adminNAME varchar2,decrypt_pwd out varchar2)

  is

  keyString VARCHAR2(8) := 'czfafeng';

  decryptedString VARCHAR2(2048);

  pwdString VARCHAR2(2048);

  BEGIN

  select ADMIN_PWD into pwdString

  from admin

  where ADMIN_NAME = adminNAME;

  dbms_obfuscation_toolkit.DESDecrypt(

  input_string => pwdString,

  key_string => keyString,

  decrypted_string => decryptedString);

  decrypt_pwd:=decryptedString;

 EXCEPTION

  WHEN Others

  -- NO_DATA_FOUND

  THEN

  decrypt_pwd:=trunc(DBMS_RANDOM.VALUE(1,200000)) ;

  END;

 

 第八步 调用解密过程

 declare

  pwd varchar2(40);

  begin

decrypt_admin('afeng1',pwd);

dbms_output.put_line(pwd);

end;

 

 

 

 

 

二、Java调用存储过程

import java.sql.Connection;

import java.sql.DriverManager;

import java.sql.PreparedStatement;

import java.sql.SQLException;

import java.util.Scanner;

 

import oracle.jdbc.OracleCallableStatement;

public class Produres_DES {

      public static Connection conn;

      public String sql;

      static{

            try {

                  Class.forName("oracle.jdbc.driver.OracleDriver");

                   conn=DriverManager.getConnection("jdbc:oracle:thin:@localhost:1521:orcl","system","orcl");

            } catch (ClassNotFoundException e) {

                  // TODO Auto-generated catchblock

                  e.printStackTrace();

            } catch (SQLException e) {

                  // TODO Auto-generated catchblock

                  e.printStackTrace();

            }

      }

       

      public void desDecrypt(){

            @SuppressWarnings("resource")

            Scanner input=new Scanner(System.in);

            System.out.println("请输入后台管理员的用户名:");

            String username=input.next();

            System.out.println("请输入后台管理员的密码:");

            String userpwd=input.next();

            String sql2="{call decrypt_admin(?,?)}";

            //生成一个执行过程的语句对象

            OracleCallableStatement ocs;

            try {

                  ocs = (OracleCallableStatement)conn.prepareCall(sql2);

                  ocs.setString(1, username);

                  ocs.registerOutParameter(2,java.sql.Types.VARCHAR);

                  ocs.execute();

                  String pwd=ocs.getString(2);

                  if(pwd.equals(userpwd)){

                        System.out.println("登录成功!");

                  }else{

                        System.out.println("登录失败");

                  }

                  ocs.close();

            } catch (SQLException e) {

                  // TODO Auto-generated catchblock

                  e.printStackTrace();

            }

             

      }

      public void desEncrypt(){

            String sql="insert into admin values(admin_seq.nextval,?,?,?,?)";

            @SuppressWarnings("resource")

            Scanner input=new Scanner(System.in);

            System.out.println("请输入后台管理员用户名:");

            String username=input.next();

            System.out.println("请输入后台管理员密码(长度为8的倍数):");

            String pwd=input.next();

            System.out.println("请输入后台管理员的真实姓名:");

            String name=input.next();

            System.out.println("请输入后台管理员的邮箱:");

            String email=input.next();

            try {

                  PreparedStatement pstmt=conn.prepareStatement(sql);

                  pstmt.setString(1, username);

                  pstmt.setString(2, pwd);

                  pstmt.setString(3, name);

                  pstmt.setString(4, email);

                  pstmt.executeUpdate();

                  String sql2="{call Encrypt_admin(?)}";

                  //生成一个执行过程的语句对象

                  OracleCallableStatement ocs=(OracleCallableStatement)conn.prepareCall(sql2);

                  ocs.setString(1, username);

                  ocs.execute();

                  ocs.close();

                  System.out.println("插入数据和加密成功!");

            } catch (SQLException e) {

                  // TODO Auto-generated catchblock

                  e.printStackTrace();

            }

             

      }

       

  public static void main(String[] args) {

        Produres_DES des=new Produres_DES();

        //des.desEncrypt();

        des.desDecrypt();

       

}

}

 

你可能感兴趣的:(后台Java)