使用Python加密Oracle数据库密码

编程问答 2022-08-16

问题描述

因此,我们所获得的是一些登录数据库的进程,我们需要具有加密的凭据(至少是密码)。我们正在寻找一种能够调用某些东西的功能,该功能将在调用时对密码进行加密和解密,以便我们将其用作凭据。类似于以下内容

启动程序

调用外部解密程序以获取凭据

连接到数据库

做东西

断开连接

结束程序

因此,基本上,我想对密码进行加密,以使其不会以纯文本形式存储。我已经看到了使用Wallet和Python Cyrptography库的各种解决方案。我受困的是如何部署解决方案,以便只有具有权限的正确oracle用户才能解密密码文件。有没有办法使用CX_Oracle验证Oracle用户

在下面找到与CX_Oracle的连接的当前.py文件

import cx_Oracle


def get_ldif_string(row,isFirst):
  ldif = ""

if isFirst == False:
    ldif += "\r\n"

ldif += "dn: sk-ban=" + \
    row[0] + ",ou=XXXXXXXX,ou=XXXXXXXXX,ou=XXXXXX,dc=XXXXXXXXX,dc=com" + "\r\n"

ldif += "objectClass: sk-account\r\n"
ldif += "objectClass: top\r\n"

ldif += "sk-ban: " + row[0] + "\r\n"

if row[1].strip():
    ldif += "sk-billingFullName: " + row[1] + "\r\n"

if row[3].strip():
    ldif += "sk-billingAddress: " + row[3] + "\r\n"

if row[4].strip():
    ldif += "sk-billingCity: " + row[4] + "\r\n"

if row[5].strip():
    ldif += "sk-billingProvince: " + row[5] + "\r\n"

if row[6].strip():
    ldif += "sk-billingPostalCode: " + row[6] + "\r\n"

if row[7].strip():
    ldif += "sk-billingAccountType: " + row[7] + "\r\n"

if row[8].strip():
    ldif += "sk-billingServiceNumber: " + row[8] + "\r\n"

if row[9].strip():
    ldif += "sk-active: " + row[9] + "\r\n"

if row[10].strip():
    ldif += "sk-inactive: " + row[10] + "\r\n"

#print (ldif)
return ldif


def writetoFile(textToWrite,file):
  file.write(textToWrite)


dsn_tns = cx_Oracle.makedsn(
  'XXXXXXXX','XXXX',service_name='XXXXXXXXXXXXXXX')
conn = cx_Oracle.connect(
user=r'XXXXXXX',password=r'XXXXXXX',dsn=dsn_tns)


query = """Select * FROM (
select 
COALESCE(ACCT_NO,' ') as ACCT_NO,COALESCE(BILLING_FirsT_NAME,'') || ' ' || COALESCE(BRM_LAST_NAME,''),COALESCE(BRM_LAST_NAME,' '),COALESCE(BRM_ADDRESS,COALESCE(BRM_CITY,COALESCE(BRM_PROVINCE,COALESCE(BRM_POSTAL_CODE,COALESCE(BRM_ACCOUNT_TYPE,COALESCE(CRB_TN_SN,CASE WHEN BRM_DEAL_STATUS = 'ACTIVE' THEN COALESCE(BRM_DEAL_NAME,' ') ELSE ' ' END as BRM_ACTIVE,CASE WHEN BRM_DEAL_STATUS <> 'ACTIVE' THEN COALESCE(BRM_DEAL_NAME,' ') ELSE ' ' END as 
BRM_INACTIVE
from PIN.V_SK_IDM_DATA
ORDER BY ACCT_NO
)
--where ACCT_NO in ('7135942-00002','7133100','7206065-00011','0042006-00003','0044070-00001')
"""

fileName = "load/loadLDIF.ldif"
open(fileName,'w').close()
file = open(fileName,"a+")

c = conn.cursor()
c.execute(query)

ban = ""
ldif = ""
isFirst = True

for row in c:

newBan = row[0]
if newBan != ban:
    writetoFile(ldif,file)
    ldif = get_ldif_string(row,isFirst)
    isFirst = False
    ban = newBan
else:
    if row[9].strip():
        ldif += "sk-active: " + row[9] + "\r\n"
    else:
        ldif += "sk-inactive: " + row[10] + "\r\n"


writetoFile(ldif,file)
conn.close()
file.close()

解决方法

暂无找到可以解决该程序问题的有效方法,小编努力寻找整理中!

如果你已经找到好的解决方法,欢迎将解决方案带上本链接一起发送给小编。

小编邮箱:dio#foxmail.com (将#修改为@)

cryptographycx-oracleencryptionoraclepython-3.x