Call now: 252-767-6166  
Oracle Training Oracle Support Development Oracle Apps

 
 Home
 E-mail Us
 Oracle Articles
 New Oracle Articles


 Oracle Training
 Oracle Tips
 Oracle Forum
 Class Catalog


 Remote DBA
 Oracle Tuning
 Emergency 911
 RAC Support
 Apps Support
 Analysis
 Design
 Implementation
 Oracle Support


 SQL Tuning
 Security
 Oracle UNIX
 Oracle Linux
 Monitoring
 Remote support
 Remote plans
 Remote services
 Application Server
 Applications
 Oracle Forms
 Oracle Portal
 App Upgrades
 SQL Server
 Oracle Concepts
 Software Support
 Remote Support  
 Development  
 Implementation


 Consulting Staff
 Consulting Prices
 Help Wanted!

 


  Oracle Posters
 Oracle Books
  Oracle Scripts
 Ion
 Excel-DB  

Don Burleson Blog 


 

 

 


 

 
 

 

 

Oracle Wrap Utility 


Oracle Database Tips by Burleson Consulting
 

About Oracle Wrap Utility

These utilities can load, encrypt, tune or debug code objects. This chapter will focus on the utilities that perform these functions, including wrap, dbms_profiler, dbms_debug, loadjava, dropjava and loadpsp.

The first of these utilities to be discussed will be the wrap utility that allows PL/SQL developers to encrypt their code.

PL/SQL Wrap Utility for Encryption

The wrap utility (wrap.exe) provides a way for PL/SQL developers to protect their intellectual property by making their PL/SQL code unreadable. These encryption options have long been available for other programming languages and were introduced for PL/SQL in version 7. It still amazes me at the number of proprietary procedures and packages that are installed in a readable format - plain PL/SQL.

Unfortunately there is no such command as:

ALTER PACKAGE BODY [name] WRAP;

Instead, the wrap utility takes a readable, ASCII text file as input and converts it to a file containing byte code. The result is that the DBA, developers or anyone with database access cannot view the source code in any readable format.

The command line options for wrap are:

wrap iname=[file] oname=[file]

Wrap only for production - Wrapping code is desired for production environments but not for profiling. It is much easier to see the unencrypted form of the text in our reports than it is to connect line numbers to source versions. Use dbms_profiler before you wrap your code in a test environment, wrap it, and then put it in production.

One word of caution here - wrap is an one-way encryption process for the files; there is no un-wrap function. So never throw away your original file. The wrap is done to make sure that someone peeking into the dba_source view will not be able to see the code in clear text.

Oracle wrap example

Steve Callan has a good article on using wrap, and an example of how the wrap utility creates a encrypted plb file:

I can take the code for the wrap_it procedure and, well, wrap it. The code for the procedure is in a file named wrap_example.sql.

C:\ora9i>wrap iname=c:\ora9i\admin\wrap_example.sql

PL/SQL Wrapper: Release 10.1.0.2.0- Production on Thu Jul 15 22:11:18 2004

Copyright (c) 1993, 2004, Oracle.  All rights reserved.

Processing c:\ora9i\admin\wrap_example.sql to wrap_example.plb

Note how Oracle changed the file extension to "plb.".  In you view the plb file with a text editor you will see that it is wrapped and encrypted.

Best Practices for Using Wrap

• Always wrap code that contains sensitive information or commercial software that is owned and distributed by your company. The give_raise procedure is highly sensitive and should not reveal the code to anyone that can access a DBA view.

• Although the wrap utility does in fact work in a straightforward manner, it will not work when wrapping code that is specific to a version of the database. For instance, our example above would wrap fine in version 7, and the same encrypted output can be used in 9i. But, if the code contains PL/SQL commands specific to a version of the database (execute immediate), then the wrap executable must be at least at that level of the database.

• Wrapping a procedure in 9i will not compile when submitted to an Oracle7 database. For the same reason that a file created in Word/XP cannot be loaded into Word95, newer versions of wrap only work with that version of the database. The wrap utility does have a "loose" connection to the database, although it does not ask for one (username, password, SID). Attempting to wrap code that will not compile, will result in errors like the one below:

C:\Oracle\bin>wrap iname=giveraise.sql oname=giveraise.wrp

PL/SQL Wrapper: Release 9.2.0.1.0- Production on Sun Dec 08 15:42:23 2002

Copyright (c) Oracle Corporation 1993, 2001. All Rights Reserved.

Processing giveraise.sql to giveraise.wrp
PSU(103,1,8,1):Encountered the symbol "IF" when expecting one of the following:

constant exception
table LONG_ double ref
char time timestamp interval date binary national character
nchar

PL/SQL Wrapper error: Compilation error(s) for:
create or replace procedure give_raise
Outputting source and continuing.

It would seem to make sense to just wrap all code with the oldest version of the wrap utility, but that will not work. For example, trying to wrap a procedure that contained a version specific command (like execute immediate) would require that specific version of the wrap executable. In fact, it is much easier to wrap a file on each version of the database that you plan to support. Also, code that is wrapped is portable to any platform. Therefore, PL/SQL code could be wrapped on Windows and distributed to any UNIX platform.

• Give careful consideration to wrapping code since it increases the size of the procedural object (function, procedure, and package) by as much as 200-250%. The size of the wrapped object is the only down side to wrapping; the execution benchmarks are the same.

• Do not wrap package specifications (headers), since they serve as great documentation. Good development practice is to only wrap the implementation, the package body.

• Provide a version of the wrap utility for developers to use. Since $ORACLE_HOME/bin is usually very restricted, copy the wrap executable to a shared drive that everyone can use.
No utility exists that will unwrap a wrapped package; otherwise, the wrap utility would be useless.

Now that encryption is addressed, the next step for a developer would be to ensure that the code performs well. Developers can use the dbms_profiler utility described in the next section to gain code execution benchmarks

 


For more details on Oracle utilities, see the book "Advanced Oracle Utilities" by Bert Scalzo, Donald K. Burleson, and Steve Callan.

You can buy it direct from the publisher for 30% off directly from Rampant TechPress.


 

 

 
��  
 
 
Oracle Training at Sea
 
 
 
 
oracle dba poster
 

 
Follow us on Twitter 
 
Oracle performance tuning software 
 
Oracle Linux poster
 
 
 

 

Burleson is the American Team

Note: This Oracle documentation was created as a support and Oracle training reference for use by our DBA performance tuning consulting professionals.  Feel free to ask questions on our Oracle forum.

Verify experience! Anyone considering using the services of an Oracle support expert should independently investigate their credentials and experience, and not rely on advertisements and self-proclaimed expertise. All legitimate Oracle experts publish their Oracle qualifications.

Errata?  Oracle technology is changing and we strive to update our BC Oracle support information.  If you find an error or have a suggestion for improving our content, we would appreciate your feedback.  Just  e-mail:  

and include the URL for the page.


                    









Burleson Consulting

The Oracle of Database Support

Oracle Performance Tuning

Remote DBA Services


 

Copyright © 1996 -  2020

All rights reserved by Burleson

Oracle ® is the registered trademark of Oracle Corporation.