Compute Hash Key To String Generate Random
by admin
Compute Hash Key To String Generate Random Rating: 8,3/10 9696 votes
Can I generate a random 32 bit key by using the Java hashCode and random English words? Simply prep your dictionary and then set up a function to compute the hash of each combination and check the rest of the list for a collision. Perhaps akin to your thinking, 100000^2 is 2^32 so it is not practical to expect the result to be collision. Random String Generator. This form allows you to generate random text strings. The randomness comes from atmospheric noise, which for many purposes is better than the pseudo-random number algorithms typically used in computer programs. .NET/C# Generate SHA1 hex string for a string encoded as UTF8 - SHA1Util.cs.NET/C# Generate SHA1 hex string for a string encoded as UTF8 - SHA1Util.cs. Skip to content. All gists Back to GitHub. Sign in Sign up. /// Compute hash for string encoded as UTF8 ///.
- Compute Hash Key To String Generate Random Numbers
- Compute Hash Key To String Generate Random Line
- C# Compute Hash
- Compute Hash Key To String Generate Random Table
- Compute Hash Key To String Generate Random Word
- Compute Hash Key To String Generate Random Code
The script content on this page is for navigation purposes only and does not alter the content in any way.
DBMS_CRYPTO provides an interface to encrypt and decrypt stored data, and can be used in conjunction with PL/SQL programs running network communications. It provides support for several industry-standard encryption and hashing algorithms, including the Advanced Encryption Standard (AES) encryption algorithm. Delta force xtreme cd key generator. AES has been approved by the National Institute of Standards and Technology (NIST) to replace the Data Encryption Standard (DES).
See Also:
Oracle Database Security Guide for further information about using this package and about encrypting data in general.This chapter contains the following topics:
Overview
Security Model
Types
Algorithms
Restrictions
Exceptions
Operational Notes
Using the DBMS_CRYPTO Subprograms
Overview
DBMS_CRYPTO contains basic cryptographic functions and procedures. To use this package correctly and securely, a general level of security expertise is assumed.
The DBMS_CRYPTO package enables encryption and decryption for common Oracle datatypes, including RAW and large objects (LOBs), such as images and sound. Specifically, it supports BLOBs and CLOBs. In addition, it provides Globalization Support for encrypting data across different database character sets.
The following cryptographic algorithms are supported:
Data Encryption Standard (DES), Triple DES (3DES, 2-key and 3-key)
Advanced Encryption Standard (AES)
MD5, MD4, and SHA-1 cryptographic hashes
MD5 and SHA-1 Message Authentication Code (MAC)
Block cipher modifiers are also provided with DBMS_CRYPTO. You can choose from several padding options, including PKCS (Public Key Cryptographic Standard) #5, and from four block cipher chaining modes, including Cipher Block Chaining (CBC).
Table 39-1 lists the DBMS_CRYPTO package features in comparison to the other PL/SQL encryption package, the DBMS_OBFUSCATION_TOOLKIT.
Table 39-1 DBMS_CRYPTO and DBMS_OBFUSCATION_TOOLKIT Feature Comparison
| Package Feature | DBMS_CRYPTO | DBMS_OBFUSCATION_TOOLKIT |
|---|---|---|
Cryptographic algorithms | DES, 3DES, AES, RC4, 3DES_2KEY | DES, 3DES |
Padding forms | Generating a hash code from public and private keys. PKCS5, zeroes | none supported |
Block cipher chaining modes | CBC, CFB, ECB, OFB | CBC |
Cryptographic hash algorithms | MD5, SHA-1, MD4 | MD5 |
Keyed hash (MAC) algorithms | HMAC_MD5, HMAC_SH1 | none supported |
Cryptographic pseudo-random number generator |
|
|
Database types |
|
|
DBMS_CRYPTO is intended to replace the DBMS_OBFUSCATION_TOOLKIT, providing greater ease of use and support for a range of algorithms to accommodate new and existing systems. Specifically, 3DES_2KEY and MD4 are provided for backward compatibility. It is not recommended that you use these algorithms because they do not provide the same level of security as provided by 3DES, AES, MD5, or SHA-1.
Security Model
Oracle Database installs this package in the SYS schema. You can then grant package access to existing users and roles as needed.
Types
Parameters for the DBMS_CRYPTO subprograms use these datatypes:
Table 39-2 DBMS_CRYPTO Datatypes
| Type | Description |
|---|---|
| A source or destination binary LOB |
| A source or destination character LOB (excluding NCLOB) |
| Specifies a cryptographic algorithm type (used with BLOB, CLOB, and RAW datatypes) |
| A source or destination RAW buffer |
Algorithms
The following cryptographic algorithms, modifiers, and cipher suites are predefined in this package.
Table 39-3 DBMS_CRYPTO Cryptographic Hash Functions
| Name | Description |
|---|---|
| Produces a 128-bit hash, or message digest of the input message |
| Also produces a 128-bit hash, but is more complex than MD4 |
| Secure Hash Algorithm (SHA). Produces a 160-bit hash. |
Table 39-4 DBMS_CRYPTO MAC (Message Authentication Code) Functions
| Name | Description |
|---|---|
HMAC_MD5Foot 1 | Same as MD5 hash function, except it requires a secret key to verify the hash value. |
HMAC_SH1Footref 1 | Same as SHA hash function, except it requires a secret key to verify the hash value. |
Footnote 1 Complies with IETF RFC 2104 standard
Table 39-5 DBMS_CRYPTO Encryption Algorithms
| Name | Description |
|---|---|
| Data Encryption Standard. Block cipher. Uses key length of 56 bits. |
| Data Encryption Standard. Block cipher. Operates on a block 3 times with 2 keys. Effective key length of 112 bits. |
| Data Encryption Standard. Block cipher. Operates on a block 3 times. |
ENCRYPT_AES128 | Advanced Encryption Standard. Block cipher. Uses 128-bit key size. |
ENCRYPT_AES192 | Advanced Encryption Standard. Block cipher. Uses 192-bit key size. |
ENCRYPT_AES256 | Advanced Encryption Standard. Block cipher. Uses 256-bit key size. |
| Stream cipher. Uses a secret, randomly generated key unique to each session. |
Table 39-6 DBMS_CRYPTO Block Cipher Suites
| Name | Description |
|---|---|
| ENCRYPT_DESFoot 1 + CHAIN_CBCFoot 2 + PAD_PKCS5Foot 3 |
|
|
Footnote 1 See Table 39-5, 'DBMS_CRYPTO Encryption Algorithms'
Footnote 2 See Table 39-7, 'DBMS_CRYPTO Block Cipher Chaining Modifiers'
Footnote 3 See Table 39-8, 'DBMS_CRYPTO Block Cipher Padding Modifiers'
Table 39-7 DBMS_CRYPTO Block Cipher Chaining Modifiers
| Name | Description |
|---|---|
| Electronic Codebook. Encrypts each plaintext block independently. |
| Cipher Block Chaining. Plaintext is XORed with the previous ciphertext block before it is encrypted. |
| Cipher-Feedback. Enables encrypting units of data smaller than the block size. |
| Output-Feedback. Enables running a block cipher as a synchronous stream cipher. Similar to CFB, except that n bits of the previous output block are moved into the right-most positions of the data queue waiting to be encrypted. |
Table 39-8 DBMS_CRYPTO Block Cipher Padding Modifiers
| Name | Description |
|---|---|
| Provides padding which complies with the PKCS #5: Password-Based Cryptography Standard |
| Provides option to specify no padding. Caller must ensure that blocksize is correct, else the package returns an error. |
| Provides padding consisting of zeroes. |
Restrictions
The VARCHAR2 datatype is not directly supported by DBMS_CRYPTO. Before you can perform cryptographic operations on data of the type VARCHAR2, you must convert it to the uniform database character set AL32UTF8, and then convert it to the RAW datatype. After performing these conversions, you can then encrypt it with the DBMS_CRYPTO package.
See Also:
'Conversion Rules' for information about converting datatypes.Exceptions
Table 39-9 lists exceptions that have been defined for DBMS_CRYPTO.
Table 39-9 DBMS_CRYPTO Exceptions
| Exception | Code | Description |
|---|---|---|
|
| The specified cipher suite is not defined. |
|
| No value has been specified for the cipher suite to be used. |
|
| The encryption key has not been specified or contains a NULL value. |
|
| DES keys: Specified key size is too short. DES keys must be at least 8 bytes (64 bits). AES keys: Specified key size is not supported. AES keys must be 128, 192, or 256 bits in length. |
|
| Source data was previously encrypted. |
Operational Notes
When to Use Encrypt and Decrypt Procedures or Functions
This package includes both ENCRYPT and DECRYPT procedures and functions. The procedures are used to encrypt or decrypt LOB datatypes (overloaded for CLOB and BLOB datatypes). In contrast, the ENCRYPT and DECRYPT functions are used to encrypt and decrypt RAW datatypes. Data of type VARCHAR2 must be converted to RAW before you can use DBMS_CRYPTO functions to encrypt it.
When to Use Hash or Message Authentication Code (MAC) Functions
This package includes two different types of one-way hash functions: the HASH function and the MAC function. Hash functions operate on an arbitrary-length input message, and return a fixed-length hash value. One-way hash functions work in one direction only. It is easy to compute a hash value from an input message, but it is extremely difficult to generate an input message that hashes to a particular value. Note that hash values should be at least 128 bits in length to be considered secure.
You can use hash values to verify whether data has been altered. For example, before storing data, Laurel runs DBMS_CRYPTO.HASH against the stored data to create a hash value. When she returns the stored data at a later date, she can again run the hash function against it, using the same algorithm. If the second hash value is identical to the first one, then the data has not been altered. Hash values are similar to 'file fingerprints' and are used to ensure data integrity.
The HASH function included with DBMS_CRYPTO, is a one-way hash function that you can use to generate a hash value from either RAW or LOB data. The MAC function is also a one-way hash function, but with the addition of a secret key. It works the same way as the DBMS_CRYPTO.HASH function, except only someone with the key can verify the hash value.
MACs can be used to authenticate files between users. They can also be used by a single user to determine if her files have been altered, perhaps by a virus. A user could compute the MAC of his files and store that value in a table. If the user did not use a MAC function, then the virus could compute the new hash value after infection and replace the table entry. A virus cannot do that with a MAC because the virus does not know the key.
About Generating and Storing Encryption Keys
The DBMS_CRYPTO package can generate random material for encryption keys, but it does not provide a mechanism for maintaining them. Application developers must take care to ensure that the encryption keys used with this package are securely generated and stored. Also note that the encryption and decryption operations performed by DBMS_CRYPTO occur on the server, not on the client. Consequently, if the key is sent over the connection between the client and the server, the connection must be protected by using network encryption. Otherwise, the key is vulnerable to capture over the wire.
Although DBMS_CRYPTO cannot generate keys on its own, it does provide tools you can use to aid in key generation. For example, you can use the RANDOMBYTES function to generate random material for keys. (Calls to the RANDOMBYTES function behave like calls to the DESGETKEY and DES3GETKEY functions of the DBMS_OBFUSCATION_TOOLKIT package.)
When generating encryption keys for DES, it is important to remember that some numbers are considered weak and semiweak keys. Keys are considered weak or semiweak when the pattern of the algorithm combines with the pattern of the initial key value to produce ciphertext that is more susceptible to cryptanalysis. To avoid this, filter out the known weak DES keys. Lists of the known weak and semiweak DES keys are available on several public Internet sites.
See Also:
Oracle Database Advanced Security Administrator's Guide for information about configuring network encryption and SSL.
'Key Management' for a full discussion about securely storing encryption keys
Conversion Rules
To convert
VARCHAR2toRAW, use theUTL_I18N.STRING_TO_RAWfunction to perform the following steps:Convert
VARCHAR2in the current database character set toVARCHAR2in the AL32UTF8 database character.Convert
VARCHAR2in the AL32UTF8 database character set toRAW.
Syntax example:
To convert
RAWtoVARCHAR2, use theUTL_I18N.RAW_TO_CHARfunction to perform the following steps:Convert
RAWtoVARCHAR2in the AL32UTF8 database character set.Convert
VARCHAR2in the AL32UTF8 database character set toVARCHAR2in the database character set you wish to use.
Syntax example:
See Also:
Chapter 225, 'UTL_I18N' for information about using theUTL_I18NPL/SQL package.If you want to store encrypted data of the
RAWdatatype in aVARCHAR2database column, then useRAWTOHEXorUTL_ENCODE.BASE64_ENCODEto make it suitable forVARCHAR2storage. These functions expand data size by 2 and 4/3, respectively.
Examples
The following listing shows PL/SQL block encrypting and decrypting pre-defined 'input_string' using 256-bit AES algorithm with Cipher Block Chaining and PKCS#5 compliant padding.
Summary of DBMS_CRYPTO Subprograms
Table 39-10 DBMS_CRYPTO Package Subprograms
| Subprogram | Description |
|---|---|
Decrypts | |
Decrypts | |
Encrypts | |
Encrypts | |
Applies one of the supported cryptographic hash algorithms (MD4, MD5, or SHA-1) to data | |
Applies Message Authentication Code algorithms (MD5 or SHA-1) to data to provide keyed message protection | |
Returns a | |
Returns a random | |
Returns a random 128-bit integer of the |
DECRYPT Function
This function decrypts RAW data using a stream or block cipher with a user supplied key and optional IV (initialization vector).
Syntax
Pragmas
Parameters
Table 39-11 DECRYPT Function Parameters
| Parameter Name | Description |
|---|---|
|
|
| Stream or block cipher type and modifiers to be used. |
| Key to be used for decryption. |
| Optional initialization vector for block ciphers. Default is |
Usage Notes
To retrieve original plaintext data,
DECRYPTmust be called with the same cipher, modifiers, key, and IV that was used to encrypt the data originally.See Also:
'Usage Notes' for theENCRYPTfunction for additional information about the ciphers and modifiers available with this package.If
VARCHAR2data is converted toRAWbefore encryption, then it must be converted back to the appropriate database character set by using theUTL_I18Npackage.See Also:
'Conversion Rules' for a discussion of theVARCHAR2toRAWconversion process.
DECRYPT Procedures
These procedures decrypt LOB data using a stream or block cipher with a user supplied key and optional IV (initialization vector).
Syntax
Pragmas
Parameters
Table 39-12 DECRYPT Procedure Parameters
| Parameter Name | Description |
|---|---|
dst |
|
|
|
| Stream or block cipher type and modifiers to be used. |
| Key to be used for decryption. |
| Optional initialization vector for block ciphers. Default is all zeroes. |
ENCRYPT Function
This function encrypts RAW data using a stream or block cipher with a user supplied key and optional IV (initialization vector).
Syntax
Pragmas
Parameters
Table 39-13 ENCRYPT Function Parameters
| Parameter Name | Description |
|---|---|
|
|
| Stream or block cipher type and modifiers to be used. |
| Encryption key to be used for encrypting data. |
| Optional initialization vector for block ciphers. Default is |
Usage Notes
Block ciphers may be modified with chaining and padding type modifiers. The chaining and padding type modifiers are added to the block cipher to produce a cipher suite. Cipher Block Chaining (CBC) is the most commonly used chaining type, and PKCS #5 is the recommended padding type. See Table 39-7 and Table 39-8 for block cipher chaining and padding modifier constants that have been defined for this package.
To improve readability, you can define your own package-level constants to represent the cipher suites you use for encryption and decryption. For example, the following example defines a cipher suite that uses DES, cipher block chaining mode, and no padding:
See Table 39-6 for the block cipher suites already defined as constants for this package.
To encrypt
VARCHAR2data, it should first be converted to the AL32UTF8 character set.See Also:
'Conversion Rules' for a discussion of the conversion process.Stream ciphers, such as RC4, are not recommended for stored data encryption.
ENCRYPT Procedures
These procedures encrypt LOB data using a stream or block cipher with a user supplied key and optional IV (initialization vector).
Syntax
Pragmas
Parameters
Table 39-14 ENCRYPT Procedure Parameters
| Parameter Name | Description |
|---|---|
dst |
|
|
|
| Stream or block cipher type and modifiers to be used. |
| Encryption key to be used for encrypting data. |
| Optional initialization vector for block ciphers. Default is |
Usage Notes
Compute Hash Key To String Generate Random Numbers
See 'Conversion Rules' for usage notes about using the ENCRYPT procedure.
HASH Function
A one-way hash function takes a variable-length input string, the data, and converts it to a fixed-length (generally smaller) output string called a hash value. The hash value serves as a unique identifier (like a fingerprint) of the input data. You can use the hash value to verify whether data has been changed or not.
Note that a one-way hash function is a hash function that works in one direction. It is easy to compute a hash value from the input data, but it is hard to generate data that hashes to a particular value. Consequently, one-way hash functions work well to ensure data integrity. Refer to 'When to Use Hash or Message Authentication Code (MAC) Functions' for more information about using one-way hash functions.
This function applies to data one of the supported cryptographic hash algorithms listed in Table 39-3.
Syntax
Pragmas
Parameters
Compute Hash Key To String Generate Random Line
Table 39-15 HASH Function Parameters
| Parameter Name | Description |
|---|---|
| The source data to be hashed. |
| The hash algorithm to be used. |
Usage Note
Oracle recommends that you use the SHA-1 (Secure Hash Algorithm), specified with the constant, HASH_SH1, because it is more resistant to brute-force attacks than MD4 or MD5. If you must use a Message Digest algorithm, then MD5 provides greater security than MD4.
MAC Function
A Message Authentication Code, or MAC, is a key-dependent one-way hash function. MACs have the same properties as the one-way hash function described in 'HASH Function', but they also include a key. Only someone with the identical key can verify the hash. Also refer to 'When to Use Hash or Message Authentication Code (MAC) Functions' for more information about using MACs.
This function applies MAC algorithms to data to provide keyed message protection. See Table 39-4 for a list of MAC algorithms that have been defined for this package.
Syntax
Pragmas
Parameters
Table 39-16 MAC Function Parameters
| Parameter Name | Description |
|---|---|
| Source data to which MAC algorithms are to be applied. |
| MAC algorithm to be used. |
| Key to be used for MAC algorithm. |
RANDOMBYTES Function
This function returns a RAW value containing a cryptographically secure pseudo-random sequence of bytes, which can be used to generate random material for encryption keys. The RANDOMBYTES function is based on the RSA X9.31 PRNG (Pseudo-Random Number Generator).
Syntax
Pragmas
Parameters
Table 39-17 RANDOMBYTES Function Parameter
| Parameter Name | Description |
|---|---|
| The number of pseudo-random bytes to be generated. |
Usage Note
The number_bytes value should not exceed the maximum length of a RAW variable.
RANDOMINTEGER Function
This function returns an integer in the complete range available for the Oracle BINARY_INTEGER datatype.
Syntax
Pragmas
RANDOMNUMBER Function
This function returns an integer in the Oracle NUMBER datatype in the range of [0.2**128-1].
Syntax
Pragmas
--> Computes the hash value for a file by using a specified hash algorithm.
Syntax
Description
The Get-FileHash cmdlet computes the hash value for a file by using a specified hash algorithm.A hash value is a unique value that corresponds to the content of the file. Rather than identifyingthe contents of a file by its file name, extension, or other designation, a hash assigns a uniquevalue to the contents of a file. File names and extensions can be changed without altering thecontent of the file, and without changing the hash value. Similarly, the file's content can bechanged without changing the name or extension. However, changing even a single character in thecontents of a file changes the hash value of the file.
The purpose of hash values is to provide a cryptographically-secure way to verify that the contentsof a file have not been changed. While some hash algorithms, including MD5 and SHA1, are no longerconsidered secure against attack, the goal of a secure hash algorithm is to render it impossible tochange the contents of a file -- either by accident, or by malicious or unauthorized attempt -- andmaintain the same hash value. You can also use hash values to determine if two different files haveexactly the same content. If the hash values of two files are identical, the contents of the filesare also identical.
By default, the Get-FileHash cmdlet uses the SHA256 algorithm, although any hash algorithm thatis supported by the target operating system can be used.
Examples
Example 1: Compute the hash value for a file
This example uses the Get-FileHash cmdlet to compute the hash value for the/etc/apt/sources.list file. The hash algorithm used is the default, SHA256. The output ispiped to the Format-List cmdlet to format the output as a list.
Example 2: Compute the hash value for an ISO file
This example uses the Get-FileHash cmdlet and the SHA384 algorithm to compute the hash valuefor an ISO file that an administrator has downloaded from the internet. The output is piped to theFormat-List cmdlet to format the output as a list.
Example 3: Compute the hash value of a stream
For this example, we get are using System.Net.WebClient to download a package from thePowershell release page. The releasepage also documents the SHA256 hash of each package file. We can compare the published hash valuewith the one we calculate with Get-FileHash.
Example 4: Compute the hash of a string
PowerShell does not provide a cmdlet to compute the hash of a string. However, you can write astring to a stream and use the InputStream parameter of Get-FileHash to get the hash value.
Parameters
Specifies the cryptographic hash function to use for computing the hash value of the contents of thespecified file or stream. A cryptographic hash function has the property that it is infeasible tofind two different files with the same hash value. Hash functions are commonly used with digitalsignatures and for data integrity. The acceptable values for this parameter are:
- SHA1
- SHA256
- SHA384
- SHA512
- MD5
If no value is specified, or if the parameter is omitted, the default value is SHA256.
For security reasons, MD5 and SHA1, which are no longer considered secure, should only be used forsimple change validation, and should not be used to generate hash values for files that requireprotection from attack or tampering.
| Type: | String |
| Accepted values: | SHA1, SHA256, SHA384, SHA512, MD5 |
| Position: | 1 |
| Default value: | None |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Specifies the input stream.
| Type: | Stream |
| Position: | 0 |
| Default value: | None |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Specifies the path to a file. Unlike the Path parameter, the value of the LiteralPathparameter is used exactly as it is typed. No characters are interpreted as wildcard characters. Ifthe path includes escape characters, enclose the path in single quotation marks. Single quotationmarks instruct PowerShell not to interpret characters as escape sequences.
| Type: | String[] |
| Aliases: | PSPath, LP |
| Position: | 0 |
| Default value: | None |
| Accept pipeline input: | True (ByPropertyName) |
| Accept wildcard characters: | False |
Specifies the path to one or more files as an array. Wildcard characters are permitted.
C# Compute Hash
| Type: | String[] |
| Position: | 0 |
| Default value: | None |
| Accept pipeline input: | True (ByPropertyName, ByValue) |
| Accept wildcard characters: | True |
Inputs
Compute Hash Key To String Generate Random Table
You can pipe a string to the Get-FileHash cmdlet that contains a path to one or more files.
Outputs
Microsoft.Powershell.Utility.FileHash
Compute Hash Key To String Generate Random Word
Get-FileHash returns an object that represents the path to the specified file, the value of thecomputed hash, and the algorithm used to compute the hash.