DES3 implementation in oracle and java

Posted on 2004-09-01
Last Modified: 2007-12-19
If the same sequence of bytes is to used to create a DES3 key in java and in ORacle would they yield the same results.

For instance we are encrypting data in java using des3 and want to load the data into Oracle.  ORacle des3 utilities will be used to decyrpt this data.

I am wondering would this work, would  these yield the same results?
Question by:inzaghi
  • 3
  • 2
  • 2
  • +1
LVL 23

Expert Comment

ID: 11955264
I think so, I have reasons to believe that Oracle dbms_obfuscation_toolkit is using Java api under the cover.

but isn't it too hard to test , right?
My java skill is failing me, otherwise, I can write a test case for you...

but To test the decryption, calling Oracle dbms_obfuscation_toolkit is real easy.


Accepted Solution

bvanderveen earned 250 total points
ID: 11955268
See my  comments on your question in the java section.  This should work, because DES3 is a standard algorithm.  Don't assume it isn't working if the encrypted values aren't the same, because they often aren't, even when generated with the same algorithm.  

Due to the way encryption works, the hash generated will differe from time to time, but it will decrypt the same.

If there are differences, you can load the java class (may need mod to have static method) into Oracle db and run as a java stored procedure to have identical procedures.  But, I suspect DES3 is already implemented with java in Oracle anyway.
LVL 47

Expert Comment

ID: 11960919
Do not expect same codding even if you use the same encryption key.
I do not believe that Java is the only used language in Oracle to implement DES3.
Passwords in Oracle are encrypted using this standard and i am sure the
are decoded using C.
DES3 is a standard for encryption, it is not Java tool, class, etc.

Author Comment

ID: 11962072
Does that mean if we encrypt someting using java des3 and before we load it to a oracle database we must decrypt the data first using java des3 and then encrypt using oracle des3.

I am concerned that loading data into a oracle data base that has been encrypted using java des3 will not be able to be decrypted with oracle 9i des3 utilities using the same key that was used for the java des3 encryption?
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.


Expert Comment

ID: 11963133
>.Does that mean if we encrypt someting using java des3 and before we load it to a oracle database we must decrypt the data first using java des3 and then encrypt using >>oracle des3.

>>I am concerned that loading data into a oracle data base that has been encrypted using java des3 will not be able to be decrypted with oracle 9i des3 utilities using the >>same key that was used for the java des3 encryption?

I don't think this will be a problem.  DES3 is a standard algorithm - it should work the same in any implementation.  And, I'll bet Oracle's implementation is already written in java.  So you should be able to decrypt in Oracle using the same key.

What we have been trying to say, is that the encrypted output may not be the same - encryption algorithms have a "randomness" in them to prevent them from being easily cracked.  Encrypting twice in java will probably yield 2 different results, but they will both decrypt back to the same value.  DES3 is not a simple substitution cipher.

More than this, is over my head.  I suggest you try it - encrypt a phrase in java, decrypt with Oracle.  You shouldn't have any problems with this.
LVL 23

Assisted Solution

seazodiac earned 250 total points
ID: 11963209

you are a java person, right?

why don't you do a test and see for yourself?

I am not a java developer, but come up with a test case is very simple:

like bvanderveen said:

public class TestEncrypt{

public static void main (Strings[] args) {
   call java DES3 method here();

compile this class and

run java TestEncrypt "HelloWorld"

this will encrypt "helloworld" in DES3 format.

now in database,
create a table:

create table test (message varchar2(100));

insert the encrypted string into this table.

then use DBMS_OBFUSCATION_TOOLKIT to decrypt it.

see for yourself...


Author Comment

ID: 12005914
WE have ran a test for this. Encrypted a value in java and try to decrypt in oracle and we do not get the same results.  This is really fustrating.

Any ideas would be really apreciated.

Expert Comment

ID: 12006218
First, the dbms_obfustication_toolkit provides different overloaded methods for encrypting and decrypting, dependingon the type of data being encrypted - raw or string.  Make sure you are using the appropriate method.

At this point, I would open a TAR with Oracle.  Since DES3 is a standard, and you can't get to the source for dbms_obfustication_toolkit (other than the spec), you will need assistance from Oracle as to why this isn't working.

All else failing, I would port one of the two methods to the other system.  You can create a Java Stored Procedure in Oracle from you DES3 source code (you may have to create a static method for it to be callable in Oracle).  Then you will have the same package encrypting and decrypting.


Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Why doesn't the Oracle optimizer use my index? Querying too much data Most Oracle developers know that an index is useful when you can use it to restrict your result set to a small number of the total rows in a table. So, the obvious side…
Configuring and using Oracle Database Gateway for ODBC Introduction First, a brief summary of what a Database Gateway is.  A Gateway is a set of driver agents and configurations that allow an Oracle database to communicate with other platforms…
This video shows syntax for various backup options while discussing how the different basic backup types work.  It explains how to take full backups, incremental level 0 backups, incremental level 1 backups in both differential and cumulative mode a…
This video shows how to Export data from an Oracle database using the Datapump Export Utility.  The corresponding Datapump Import utility is also discussed and demonstrated.

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

27 Experts available now in Live!

Get 1:1 Help Now