Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Encrypting more than 8 bytes with Crypt::DES for Oracle decryption

Posted on 2004-10-21
11
Medium Priority
?
489 Views
Last Modified: 2008-03-10
I'm trying to encrypt data using Crypt::DES in perl which will then be inserted to an Oracle8i database using the DBMS_OBFUSCATION_TOOLKIT to decrypt it.  Some of this data is more than 8 bytes long, so my first instinct was to break the string up into 8 byte segments and concatenate the results together, and then do the same in a PL/SQL function calling the obfuscation tooolkit.  Unfortunately, this returns gibberish.  Any suggestions?
0
Comment
Question by:rotor89
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
11 Comments
 
LVL 48

Expert Comment

by:Tintin
ID: 12374261
How much data do you want to encrypt?

Does DBMS_OBFUSCATION_TOOLKIT only support DES?
0
 
LVL 84

Expert Comment

by:ozo
ID: 12379247
Could you use Crypt::CBC to cypher block chain the DES blocks for an arbitrary size string?
0
 
LVL 19

Expert Comment

by:Kim Ryan
ID: 12379957
This module will do all the blocking for you. If you install it, it will require the Crypt::CBC and Crypt::DES modules to also be installed. You can encrypt data from either a string or file. but can only decrypt from a file.

 use Crypt::CBCeasy;

 DES::encipher($my_key, "plain-file", "crypted-file");
 $plain_text = DES::decipher($my_key, \*CRYPTED_FILE_HANDLE);
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 

Author Comment

by:rotor89
ID: 12379991
The version of DBMS_OBFUSCATION_TOOLKIT that comes with Oracle 8i does seem to only support DES.  The data I'm encrypting ranges up to 30 or so characters.

After posting this yesterday I stumbled across Crypt::CBC, but that didn't work either.  It seems to use a different method to chain the blocks than Oracle does.
0
 
LVL 84

Expert Comment

by:ozo
ID: 12380013
What method does Oracle use?
0
 

Author Comment

by:rotor89
ID: 12380199
"What method does Oracle use?"

And there's the real issue - it's a binary package and I can't find any documentation that explains this.  Since 8 byte strings work fine on their own, I figured that breaking it down into separate 8 byte strings and concatenating would do the trick, but it doesn't.

Thanks
0
 

Author Comment

by:rotor89
ID: 12383939
Well, I had to find an interim method to please people for now, so this isn't such a hot topic for me at the moment, but I'll leave this open as I will have to come back to it later.  My hope is that we'll be moving to Oracle 9i or 10g where newer encryption methods are available.  Still, if anyone has a suggestion - I know I wouldn't get complaints if I were able to impliment this.
Thanks.
0
 

Accepted Solution

by:
rotor89 earned 0 total points
ID: 12399378
jmcg - sounds good to me.

Thanks.
0

Featured Post

Tech or Treat! - Giveaway

Submit an article about your scariest tech experience—and the solution—and you’ll be automatically entered to win one of 4 fantastic tech gadgets.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many time we need to work with multiple files all together. If its windows system then we can use some GUI based editor to accomplish our task. But what if you are on putty or have only CLI(Command Line Interface) as an option to  edit your files. I…
Email validation in proper way is  very important validation required in any web pages. This code is self explainable except that Regular Expression which I used for pattern matching. I originally published as a thread on my website : http://www…
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
Six Sigma Control Plans

598 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question