[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2193
  • Last Modified:

Decrypt PL/SQL DESEncrypted String in Java

Hi all,

I am  trying to decrypt a string in Java Code which was encrypted using DBMS_OBFUSCATION_TOOLKIT in Oracle PL/SQL procedure.

Byte Key used in Java code is of format:
SecretKeySpec key = new SecretKeySpec(new byte[] { 1, 2, 3, 4, 5, 6, 7,
                        8, 9, 10 }, "DESede")
IV is as follows in Java;
byte[] initVector = { 8, 7, 6, 5, 4, 3, 2, 1 };

The values decrypted/encrypted are not same. I know I am making some goof up while using byte arrays in Oracle. Could you please either point me to an explanation as to how byte array keys should be used in PL/SQL or what is the best way to go about the encryption/decryption.

Please do let me know if additional info is requiered.

Thanks
CREATE OR REPLACE PROCEDURE testharidecrypt AS
 
BEGIN
 
   DECLARE
 
      l_key_vc    VARCHAR2 (40)  := '123456789a'; //hexadecimal values Key
 
      l_iv_vc     VARCHAR2 (8)   := '87654321'; 
 
      str         VARCHAR (2000) := 'somelogin';//string to be decrypted
 
      crypt_raw   RAW (2000);
 
      crypt_str   VARCHAR (2000);
 
      l           INTEGER        := LENGTH (str);
 
      i           INTEGER;
 
      padblock    RAW (2000);
 
   BEGIN
 
      l_key_vc := HEXTORAW (l_key_vc);
 
      l_iv_vc := HEXTORAW (l_iv_vc);
 
      i := 8 - MOD (l, 8);
 
      DBMS_OUTPUT.put_line ('i: ' || i);
 
      padblock := UTL_RAW.cast_to_raw (str || RPAD (CHR (i), i, CHR (i)));
 
      DBMS_OUTPUT.put_line ('str: ' || str);
 
      DBMS_OUTPUT.put_line ('padblock: ' || padblock);
 
      DBMS_OBFUSCATION_TOOLKIT.des3encrypt
 
                               (input_string          => padblock,
 
                                key_string            => l_key_vc,
 
                                which                 => DBMS_OBFUSCATION_TOOLKIT.twokeymode,
 
                                iv_string             => l_iv_vc,
 
                                encrypted_string      => crypt_raw
 
                               );
 
--     crypt_str := UTL_RAW.cast_to_varchar2 (crypt_str);
 
      DBMS_OUTPUT.put_line ('Encrypted String:' || crypt_raw);
 
--      l := LENGTH (crypt_str);
 
  --    crypt_str := RPAD (crypt_str, l - ASCII (SUBSTR (crypt_str, l)));
 
      DBMS_OUTPUT.put_line ('Encrypted String:' || crypt_raw);
 
   END;
 
END;

Open in new window

0
priyaaaank
Asked:
priyaaaank
1 Solution
 
schwertnerCommented:
Java DES and Oracle DES are different.

it will be better to use Oracle stored procedure called from java to decrypt.

How to call PL/SQL stored procedure from Java

===============================================================
Invoking PL/SQL stored procedure from a Java class
using JDBC thin driver

Works fine on Jdeveloper
===============================================================


Store this Oracle PL/SQL procedure under scott/tiger account.
It has 2 IN parameters and 2 OUT parameters.


CREATE OR REPLACE PROCEDURE fitnes_selector
       (p_p1 IN INTEGER,
        p_p2 IN VARCHAR2,
        p_p3 OUT INTEGER,
        p_p4 OUT VARCHAR2)
IS
BEGIN
   p_p3 := p_p1 + 10;
   p_p4 := p_p2 || '   '  || 'ADDITIONAL STRING';
END;
/


This java class will invoke the procedure above using
Oracle JDBC thin driver.


import java.sql.*;
import oracle.jdbc.pool.OracleDataSource;

class StProcExample {
     public static void main(String[] args)
     throws SQLException {
     int ret_code;
     try {
          System.out.println("Begin of the play  ");
          // Create DataSource and connect to the local database
          OracleDataSource ods = new OracleDataSource();
          ods.setURL("jdbc:oracle:thin:@//oralin3:1521/phr7b");
          ods.setUser("scott");
          ods.setPassword("tiger");
          Connection conn = ods.getConnection();

          // Invoke stored procedure
            int  p1 = 10;
            String p2;
            p2 = "Fitness";
            int  p3;
            String p4;
            CallableStatement pstmt = conn.prepareCall("{call fitnes_selector(?,?,?,?)}");
            pstmt.setInt(1, p1);
            pstmt.setString(2, p2);
            pstmt.registerOutParameter(3, Types.INTEGER);
            pstmt.registerOutParameter(4, Types.VARCHAR);
            System.out.println("Midlle of the play  ");
            pstmt.executeUpdate();

            int o_empno = pstmt.getInt(3);
            String o_ename = pstmt.getString(4);

           System.out.print("The returned values are "
                             +o_empno +" "+ o_ename);
           pstmt.close();
           conn.close();
        }
    catch  (SQLException e)
            { ret_code = e.getErrorCode();
              System.out.println(ret_code + "  " + e.getMessage());
            }
                      }
     }
0

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now