尝试在TDE环境下手工将本来为united mode的pdb转化为isolated mode的pdb

最新推荐文章于 2023-08-13 09:00:00 发布
最新推荐文章于 2023-08-13 09:00:00 发布
阅读量350 收藏 1
点赞数
分类专栏: orale 文章标签: oracle
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/wgz7747147820/article/details/111827730
版权

一个pdb,本来模式为united mode的pdb,并且也已经创建了master encryption key,也已经有表和表空间由master encryption key加密了,这种情况下由united mode转化为isolated mode有一个命令为adminster key management isoalte mode可以进行转化。我们尝试手工转化一下,通过export keys和import keys是可以实现的

第一步首先创建一个pdb,然后将之配置为united mode

06:27:21 SQL> create pluggable database tdetest2pdb10895 admin user pdbadmin identified by tdetest2;

Pluggable database created.

Elapsed: 00:00:03.90

06:33:23 SQL> alter pluggable database tdetest2pdb10895 open read write instances=all;

Pluggable database altered.

Elapsed: 00:00:09.97

06:34:31 SQL> select status,keystore_mode from v$encryption_wallet;

STATUS			       KEYSTORE
------------------------------ --------
CLOSED			       UNITED

Elapsed: 00:00:00.01

06:34:49 SQL> administer key management set keystore open identified by "WelCome-123#";

keystore altered.

Elapsed: 00:00:00.09
06:35:31 SQL> select status,keystore_mode from v$encryption_wallet;

STATUS			       KEYSTORE
------------------------------ --------
OPEN_NO_MASTER_KEY	       UNITED

Elapsed: 00:00:00.00
06:35:52 SQL> administer key management set key identified by "WelCome-123#" with backup;

keystore altered.

Elapsed: 00:00:00.34
06:36:27 SQL> select status,keystore_mode from v$encryption_wallet;

STATUS			       KEYSTORE
------------------------------ --------
OPEN			       UNITED

Elapsed: 00:00:00.01

06:39:09 SQL> select tablespace_name,encrypted from dba_tablespaces;

TABLESPACE_NAME 	       ENC
------------------------------ ---
SYSTEM			       YES
SYSAUX			       NO
UNDOTBS1		       NO
TEMP			       NO
UNDO_2			       NO
BIG_TBS1		       YES

6 rows selected.

Elapsed: 00:00:00.03

到现在为止,测试pdb准备好了,既有表空间加密了,也有表加密了

我们下面开始尝试将这个pdb转化为isolated mode的pdb

第一步

06:39:26 SQL> show parameter tde_configuration;

NAME				     TYPE	 VALUE
------------------------------------ ----------- ------------------------------
tde_configuration		     string
06:40:38 SQL> alter system set tde_configuration='keystore_configuration=file' scope=both;

System altered.

Elapsed: 00:00:00.02
06:40:56 SQL> show parameter tde_configuration;

NAME				     TYPE	 VALUE
------------------------------------ ----------- ------------------------------
tde_configuration		     string	 keystore_configuration=file
06:41:12 SQL> select status,keystore_mode from v$encryption_wallet;

STATUS			       KEYSTORE
------------------------------ --------
OPEN			       ISOLATED

Elapsed: 00:00:00.01

现在模式已经显示为isolated mode了,我们下面就是尝试将encryption key从cdb$root的那个united keystore转移到PDB里的这个isolated mode的keystore

06:41:27 SQL> select guid from v$pdbs;

GUID
--------------------------------
B76AB92AE1E9D252E053D529850A6F77

Elapsed: 00:00:00.00

[oracle@scaqai06adm07 tdetest2]$ ls -al B76AB92AE1E9D252E053D529850A6F77
ls: cannot access B76AB92AE1E9D252E053D529850A6F77: No such file or directory
现在还没有创建isolated mode的keystore

创建isolated mode的keystore
06:43:06 SQL> administer key management create keystore identified by tdetest2pdb10895;

keystore altered.

Elapsed: 00:00:00.11

可以看到这个isolated mode的keystore已经创建了

[oracle@scaqai06adm07 tde]$ pwd
/u01/app/v1/tdetest2/B76AB92AE1E9D252E053D529850A6F77/tde
[oracle@scaqai06adm07 tde]$ ls
ewallet.p12

我尝试着建一个master encryption key,失败了
说密码不对
06:46:34 SQL> administer key management set key force keystore identified by tdetest2pdb10895 with backup;
administer key management set key force keystore identified by tdetest2pdb10895 with backup
*
ERROR at line 1:
ORA-46627: keystore password mismatch


Elapsed: 00:00:00.00

尝试着将united mode 的keystore里的关于这个pdb的那个key move到这个pdb的isolated mode keystore里

06:52:50 SQL> select key_id,activating_pdbname from v$encryption_keys where activating_pdbname='TDETEST2PDB10895';

KEY_ID									       ACTIVATING_PDBNAME
------------------------------------------------------------------------------ ------------------------------
AdFwekajDU/Av0DMaYYDqJkAAAAAAAAAAAAAAAAAAAAAAAAAAAAA			       TDETEST2PDB10895

Elapsed: 00:00:00.11

这个move keys在这种场景下应该是不适用的

06:55:18 SQL> administer key management move keys to new keystore '/u01/app/v1/tdetest2/B76AB92AE1E9D252E053D529850A6F77/tde' identified by "tdetest2pdb10895" from keystore identified by "WelCome-123#" with identifier in 'AdFwekajDU/Av0DMaYYDqJkAAAAAAAAAAAAAAAAAAAAAAAAAAAAA';
administer key management move keys to new keystore '/u01/app/v1/tdetest2/B76AB92AE1E9D252E053D529850A6F77/tde' identified by "tdetest2pdb10895" from keystore identified by "WelCome-123#" with identifier in 'AdFwekajDU/Av0DMaYYDqJkAAAAAAAAAAAAAAAAAAAAAAAAAAAAA'
*
ERROR at line 1:
ORA-46630: keystore cannot be created at the specified location


Elapsed: 00:00:00.00
报这个错误的原因是因为我们在前面已经创建了keystore
我们可以尝试删除这个keystore试试

[oracle@scaqai06adm07 tde]$ ls
ewallet.p12
[oracle@scaqai06adm07 tde]$ rm -f ewallet.p12

06:56:48 SQL> administer key management move keys to new keystore '/u01/app/v1/tdetest2/B76AB92AE1E9D252E053D529850A6F77/tde' identified by "tdetest2pdb10895" from keystore identified by "WelCome-123#" with identifier in 'AdFwekajDU/Av0DMaYYDqJkAAAAAAAAAAAAAAAAAAAAAAAAAAAAA';
administer key management move keys to new keystore '/u01/app/v1/tdetest2/B76AB92AE1E9D252E053D529850A6F77/tde' identified by "tdetest2pdb10895" from keystore identified by "WelCome-123#" with identifier in 'AdFwekajDU/Av0DMaYYDqJkAAAAAAAAAAAAAAAAAAAAAAAAAAAAA'
*
ERROR at line 1:
ORA-28362: master key not found


Elapsed: 00:00:00.01
再次运行报这个错误
这个错误的原因应该是因为这个命令不能再pdb里运行,在pdb里运行肯定找不到master key了

06:58:08 SQL> alter session set container=cdb$root;

Session altered.

Elapsed: 00:00:00.00
06:59:14 SQL> administer key management move keys to new keystore '/u01/app/v1/tdetest2/B76AB92AE1E9D252E053D529850A6F77/tde' identified by "tdetest2pdb10895" from keystore identified by "WelCome-123#" with identifier in 'AdFwekajDU/Av0DMaYYDqJkAAAAAAAAAAAAAAAAAAAAAAAAAAAAA';
administer key management move keys to new keystore '/u01/app/v1/tdetest2/B76AB92AE1E9D252E053D529850A6F77/tde' identified by "tdetest2pdb10895" from keystore identified by "WelCome-123#" with identifier in 'AdFwekajDU/Av0DMaYYDqJkAAAAAAAAAAAAAAAAAAAAAAAAAAAAA'
*
ERROR at line 1:
ORA-46631: keystore needs to be backed up


Elapsed: 00:00:00.02
06:59:27 SQL> administer key management move keys to new keystore '/u01/app/v1/tdetest2/B76AB92AE1E9D252E053D529850A6F77/tde' identified by "tdetest2pdb10895" from keystore identified by "WelCome-123#" with identifier in 'AdFwekajDU/Av0DMaYYDqJkAAAAAAAAAAAAAAAAAAAAAAAAAAAAA' with backup;
administer key management move keys to new keystore '/u01/app/v1/tdetest2/B76AB92AE1E9D252E053D529850A6F77/tde' identified by "tdetest2pdb10895" from keystore identified by "WelCome-123#" with identifier in 'AdFwekajDU/Av0DMaYYDqJkAAAAAAAAAAAAAAAAAAAAAAAAAAAAA' with backup
*
ERROR at line 1:
ORA-46688: cannot move a master key


Elapsed: 00:00:00.03
最后报的是不能move a master key,那就是说这种场景不适用于move keys这种方法

我们下面尝试export keys然后再import keys试试

06:59:55 SQL> administer key management export keys with secret unite_convert_isolate to '/u01/app/v1/unite_convert_isolate.key' identified by "WelCome-123#" with identifier in 'AdFwekajDU/Av0DMaYYDqJkAAAAAAAAAAAAAAAAAAAAAAAAAAAAA';

keystore altered.

Elapsed: 00:00:00.02

在cdb里将这个key导出来,然后我们到pdb里尝试将这个key导进去

07:02:55 SQL> alter session set container=tdetest2pdb10895;

Session altered.

Elapsed: 00:00:00.00
因为刚才把那个keystore 文件删除掉了,我们再重新建一遍

07:03:46 SQL> administer key management create keystore identified by "tdetest2pdb10895";

keystore altered.

Elapsed: 00:00:00.16

07:07:30 SQL> administer key management import keys with secret unite_convert_isolate from '/u01/app/v1/unite_convert_isolate.key' identified by "tdetest2pdb10895" with backup;
administer key management import keys with secret unite_convert_isolate from '/u01/app/v1/unite_convert_isolate.key' identified by "tdetest2pdb10895" with backup
*
ERROR at line 1:
ORA-46627: keystore password mismatch
现在还报这种错误的话,应该还是尝试去再向cdb的那个united mode的keystore里import keys,我们尝试将这个pdb重启一下试试


Elapsed: 00:00:00.01
07:08:17 SQL> show con_name;

CON_NAME
------------------------------
TDETEST2PDB10895

重启pdb后还是报密码错误
07:08:25 SQL> alter pluggable database close immediate instances=all;

Pluggable database altered.

Elapsed: 00:00:00.90
07:09:52 SQL> alter pluggable database open read write instances=all;

Pluggable database altered.

Elapsed: 00:00:04.10
07:10:11 SQL> administer key management import keys with secret unite_convert_isolate from '/u01/app/v1/unite_convert_isolate.key' identified by "tdetest2pdb10895" with backup;
administer key management import keys with secret unite_convert_isolate from '/u01/app/v1/unite_convert_isolate.key' identified by "tdetest2pdb10895" with backup
*
ERROR at line 1:
ORA-46627: keystore password mismatch


Elapsed: 00:00:00.03
07:10:24 SQL> select status,keystore_mode from v$encryption_wallet;

STATUS			       KEYSTORE
------------------------------ --------
OPEN			       ISOLATED

Elapsed: 00:00:00.02

下面尝试重启CDB

[oracle@scaqai06adm07 bin]$ ./srvctl stop database -d tdetest2
[oracle@scaqai06adm07 bin]$ ./srvctl start database -d tdetest2

[oracle@scaqai06adm07 bin]$ ./sqlplus "sys/tdetest2@tdetest2 as sysdba"
07:14:05 SQL> administer key management set keystore open identified by "WelCome-123#";

keystore altered.

Elapsed: 00:00:00.07
因为没有配置auto login keystore,所以在重启后首先open cdb level的keystore

07:14:30 SQL> alter session set container=tdetest2pdb10895;

Session altered.

Elapsed: 00:00:00.01
07:15:29 SQL> select status,keystore_mode from v$encryption_wallet;

STATUS			       KEYSTORE
------------------------------ --------
CLOSED			       ISOLATED

Elapsed: 00:00:00.02
07:15:46 SQL> administer key management set keystore open identified by "tdetest2pdb10895";

keystore altered.

Elapsed: 00:00:00.06
07:16:07 SQL> select status,keystore_mode from v$encryption_wallet;

STATUS			       KEYSTORE
------------------------------ --------
OPEN_NO_MASTER_KEY	       ISOLATED

Elapsed: 00:00:00.00

重启cdb后,这个key可以import进去了

07:17:27 SQL> administer key management import keys with secret unite_convert_isolate from '/u01/app/v1/unite_convert_isolate.key' identified by "tdetest2pdb10895" with backup;

keystore altered.
Elapsed: 00:00:00.16

07:18:21 SQL> select status,keystore_mode from v$encryption_wallet;

STATUS			       KEYSTORE
------------------------------ --------
OPEN_NO_MASTER_KEY	       ISOLATED

Elapsed: 00:00:00.01

import key之后,状态还是显式没有master key,我们再尝试运行一下use key这个clause

导入这个key之后也能够查询到

07:20:40 SQL> select key_id,activating_pdbname from v$encryption_keys;

KEY_ID									       ACTIVATING_PDBNAME
------------------------------------------------------------------------------ ------------------------------
AdFwekajDU/Av0DMaYYDqJkAAAAAAAAAAAAAAAAAAAAAAAAAAAAA			       TDETEST2PDB10895

Elapsed: 00:00:00.02

07:20:54 SQL> administer key management use key 'AdFwekajDU/Av0DMaYYDqJkAAAAAAAAAAAAAAAAAAAAAAAAAAAAA' identified by "tdetest2pdb10895" with backup;
administer key management use key 'AdFwekajDU/Av0DMaYYDqJkAAAAAAAAAAAAAAAAAAAAAAAAAAAAA' identified by "tdetest2pdb10895" with backup
*
ERROR at line 1:
ORA-28388: database is not open in read/write mode


Elapsed: 00:00:00.00
07:22:28 SQL> select name,open_mode from gv$pdbs;

NAME		     OPEN_MODE
-------------------- ----------
TDETEST2PDB10895     MOUNTED
TDETEST2PDB10895     MOUNTED

Elapsed: 00:00:00.02
07:22:47 SQL> alter pluggable database open read write instances=all;

Pluggable database altered.

Elapsed: 00:00:02.51
07:23:01 SQL> select name,open_mode from gv$pdbs;

NAME		     OPEN_MODE
-------------------- ----------
TDETEST2PDB10895     READ WRITE
TDETEST2PDB10895     READ WRITE

Elapsed: 00:00:00.03
07:23:17 SQL> select status,keystore_mode from v$encryption_wallet;

STATUS			       KEYSTORE
------------------------------ --------
OPEN_NO_MASTER_KEY	       ISOLATED

Elapsed: 00:00:00.01

将pdb起来后,use key clause也能运行成功
07:23:44 SQL> administer key management use key 'AdFwekajDU/Av0DMaYYDqJkAAAAAAAAAAAAAAAAAAAAAAAAAAAAA' identified by "tdetest2pdb10895" with backup;

keystore altered.

Elapsed: 00:00:00.36

这个isolated mode的keystore的状态显示为正常了

07:24:31 SQL> select status,keystore_mode from v$encryption_wallet;

STATUS			       KEYSTORE
------------------------------ --------
OPEN			       ISOLATED

Elapsed: 00:00:00.01

测试表里的数据也能够查询到
07:25:31 SQL> select * from u1.t_1;

A
--------------------
202012272238yudian

Elapsed: 00:00:00.02

07:26:08 SQL> select tablespace_name,encrypted from dba_tablespaces;

TABLESPACE_NAME 	       ENC
------------------------------ ---
SYSTEM			       YES
SYSAUX			       NO
UNDOTBS1		       NO
TEMP			       NO
UNDO_2			       NO
BIG_TBS1		       YES

6 rows selected.

Elapsed: 00:00:00.02

也能够看到表空间是有加密的

再重启一下cdb看看是不是成功了

重启cdb后发现无论是表空间加密还是表加密都没有问题

所以说通过设置tde_configuration以及export keys并import keys的方式是可以将pdb 由united mode方式转化为isolate mode方式的
此方式的效果和administer key management isolate keystore的效果是一样的,只是这种方式需要重启CDB。对于高可用性不好

我在测试过程当中遇到了一个问题,就是pdb里的参数tde_configuration已经修改为keystore_configuration=file但是master encryption key又没有成功的导入进去
这个时候的境况就是pdb也无法open,因为没有master encryption key
,因为pdb没法open,那个tde_configuration这个参数又没办法修改,进入了死结。

wgz7747147820
关注
专栏目录
Oracle透明数据加密(TDE)真实环境使用分析
苏南生的CSDN博客
05-25 9299
23.2.13使用透明数据加密(TDE) 从Oracle数据库1Og的R2版本开始,一个叫做透明数据加密(TDE)的特性让数据加密变得极其容易。我们所需要做的就是把某列声明成加密的,剩下的全部由Oracle完成。当用户输入数据时,列值会被截获、加密,然后用加密后的格式保存。然后,当这一列被查询时,又会自动对列值进行解密,然后把解密后的文本(明文)返回给用户。用户甚至都不需要知道发生过加密和解
oracle所有的系统权限
07-06
alter any cluster 修改任意簇的权限   alter any index 修改任意索引的权限   alter any role 修改任意角色的权限 …… …… ……
有关TDE配置的一些记录
wgz7747147820的博客
06-28 349
搜索TDE配置的顺序 The search order for the TDE keystore depends on how you have set either the instance initialization parameters, the sqlnet.ora parameters, or the environment variables. Oracle Database retrieves the keystore by searching in these locations, in
db19数据加密
weixin_39568073的博客
06-02 324
mkdir -p ORACLEBASE/admin/{ORACLE_BASE}/admin/ORACLEB​ASE/admin/{ORACLE_SID}/wallet alter system set WALLET_ROOT=’/u01/app/oracle/admin/oradb/wallet’ scope=spfile; shutdown immediate; startup show parameter wallet show parameter tde alter system set t
db18c 安全新功能
weixin_39568073的博客
08-17 192
配置钱包根位置和密钥库类型 配置 CDB 密钥库的根目录位置 ALTER SYSTEM SET WALLET_ROOT = '/u01/app/oracle/admin/cdb1/tde_keystore' SCOPE=SPFILE; 重新启动实例并重新打开 PDB SHUTDOWN IMMEDIATE STARTUP ALTER PLUGGABLE DATABASE ALL OPEN; SHOW PARAMETER wallet_root ALTER SYSTEM ...
OCA/OCP Oracle 数据库12c考试指南读书笔记:第28章: Encrypting, Securing, Monitoring, and Tuning RMAN Backups
In-Memory Computing Technology
12-28 756
CREATE RMAN-ENCRYPTED BACKUPS Configuring and Using Transparent Encryption Using Password Encryption Using Dual-Mode Encryption CONFIGURE AND USE ORACLE SECURE BACKUP Installing and Configuring Oracle...
【python的pdb调试简单了解一下?】
weixin_41777118的博客
04-24 654
调试是程序开发过程中的重要环节,它可以帮助开发人员识别和解决程序中的错误和问题。Python 提供了一个内置的调试器 pdb(Python Debugger),可以帮助开发人员逐行分析代码、查看变量值、跟踪函数调用等。
coll2tde:将 mongo 数据库转换为 TDE 文件
06-22
用于将 mongodb 集合转换为 Tableau DataExtract 文件的命令行实用程序。 安装 依赖关系 依赖项是: 表 C API MongoDB C API MongoDB Libbson lib JSMN 只需输入: $ make 然后在您的路径中安装二进制 coll2...
mode.coupling.oft.vi.pdf
09-27
12. MIMO时间域均衡(TDE):在单载波调制系统中,MIMO技术用于均衡不同路径上的信号,以减少由于群延迟扩展导致的信号失真。 通过对以上知识点的深入理解,可以更好地掌握光通信中模式耦合的原理,以及它们在光纤...
SQL Server AlwaysOn环境配置数据库TDE
01-14
### SQL Server AlwaysOn环境下配置数据库TDE #### 一、引言 在SQL Server AlwaysOn环境中配置透明数据加密(Transparent Data Encryption,简称TDE)是一项关键的安全措施,它能够保护数据库中的静止数据免受未...
TDE.rar_TDE_TDE源代码
09-23
TDE在Unix、DOS和Win32上的适用性,显示了它的跨平台特性,能在不同的操作系统环境下运行,满足不同用户的需求。 从标签"tde tde源代码"中,我们可以推断出这个压缩包的内容主要与TDE编辑器及其源代码相关。对于想...
oracle透明加密不可用
S1156578253的博客
10-29 347
事情的经过: 一套12c的rac数据库搭建了adg同步。 1、将主备切换。 2、将切换后的新主库升级到19c。 升级后检查发现TDE不可用,影响部分业务的正常使用。 将sqlnet.ora和wallet文件重新拷贝到目标主机。 administer key management set keystore close; administer key management set keystore open identified by <wallet_password> ; admini
Oracle TDE 加密测试
zll4859291的博客
03-30 750
默认位置:在ORACLE_BASE/admin/$ORACLE_SID/目录下创建文件夹wallet(如果没有创建)指定位置:在 $ORACLE_HOME/network/admin 下的 sqlnet.ora中设 置 ENCRYPTION_WALLET_LOCATION 参数,FILE_NAME_CONVERT = (' /u01/oracle/db/data/CDB/TEST/datafile', ' /u01/oracle/db/data/CDB/TEST/datafile/enc');
Oracle 19c: How Oracle Enable TDE on RAC DB
sqlora的专栏
06-30 383
Oracle 19c: How Oracle Enable TDE on RAC DB
Oracle19c 创建用户,(不带C##)
qq_46004567的博客
05-20 6797
文章目录前言一、登录sysdba管理账号?1.打开CMD运行1.怎么查看数据库是否为 CDB二、创建用户1. 创建用户: 在CDB容器中创建用户时,前面必须添加C## ,而PDB数据库不需要加前缀2.启动PDB数据库3.切换到ORCLPDB容器4.查看当前使用容器5. 创建用户6.用户授权7.设置表空间8.提交 前言 提示:Oracle19C,安装之后不会自动创建scott用户。 例如:scott用户导入失败,手动创建 一、登录sysdba管理账号? 1.打开CMD运行 提示:conn /as sys
Oracle Database 12c Security - 11. Oracle Transparent Data Encryption
In-Memory Computing Technology
09-01 720
Transparent Data Encryption以下简称TDE。 称为透明是因为加密工作在SQL层以下,由数据库引擎自动进行。 TDE是第三代加密,10gR2时引入。之前两代为DBMS_OBFUSCATION_TOOLKIT和DBMS_CRYPTO。 TDE最大的好处是不用改应用。 ENCRYPTION 101 cryptography - 密码学 Goal of Encryption 加密的目的是保护在不安全媒介上传输的敏感信息。 数据库安全与网络安全很不同。不过在透明上是相同的,即网络使用SSL和
Oracle LiveLabs实验:DB Security - Transparent Data Encryption (TDE)
In-Memory Computing Technology
04-05 874
概述 此实验申请地址在这里,时间为2小时。 实验帮助在这里。 本实验使用的数据库为19.13。 Introduction 本研讨会介绍 Oracle 透明数据加密 (TDE) 的各种特性和功能。 它使用户有机会学习如何配置这些功能以加密敏感数据。 目标 如果需要,对数据库进行冷备份以启用数据库恢复 在数据库中启用透明数据加密 使用透明数据加密加密数据 Task 1: Allow DB Restore 此步骤是了后续将数据库恢复为未加密状态。 进入实验目录: sudo su - oracle cd $D
项目启动报错Syntax Error: Error: PostCSS received undefined instead of CSS string的解决办法
最新发布
小雪的博客
08-13 1287
方案2比较简便快捷,node版本切换自如,强烈推荐。问题原因:node-sass与node版本不兼容所致。
Oracle 错误总结及问题解决 ORA
w36680130的博客
09-01 162
Oracle 错误总结及问题解决 ORA
SQL2012 TDE加密实战教程:环境配置与操作详解
本教程详细介绍了如何在SQL Server 2012中实现透明数据加密(TDE)功能。首先,我们构建了一个特定的实验环境,包括一台生产数据库模拟机和一台用于迁移还原的数据库模拟机,以确保操作的可复制性和实用性。环境配置在...
评论 1
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值