Solved

Example of DBMS_CRYPTO.ENCRYPT_AES256

Posted on 2010-09-02
6
5,762 Views
Last Modified: 2013-12-07
Hello,

I am currently using DBMS_OBFUSCATION_TOOLKIT.MD5 for encryption and decryption. I want to impliment DBMS_CRYPTO.ENCRYPT_AES256, but I'm unsure how to do so. I'm unable to find appropriate examples online.

I currently have a package that entales a function that gets the hash, a procedure to add user, change_password, validate user, and to select a user. I want to use the same type of setup and the less change the better.

My DBMS_OBFUSCATION_TOOLKIT is located within my get_hash function.

Please help

Thank you
This is located within my package body:

FUNCTION get_hash (username  IN  VARCHAR2,
                     password  IN  VARCHAR2)
    RETURN VARCHAR2 AS
  BEGIN
    RETURN DBMS_OBFUSCATION_TOOLKIT.MD5(
      input_string => password);
  END get_hash;

Open in new window

0
Comment
Question by:lulubell-b
  • 3
  • 2
6 Comments
 
LVL 22

Expert Comment

by:Helena Marková
ID: 33593862
I have found one example on AskTom, I hope it can help you:
http://asktom.oracle.com/pls/asktom/f?p=100:11:0::::P11_QUESTION_ID:2886797089063
0
 

Author Comment

by:lulubell-b
ID: 33596436
I dont want something with dbms_obfuscation_toolkit.DESDecrypt. I need examples of DBMS_CRYPTO.ENCRYPT_AES256.
0
 
LVL 22

Accepted Solution

by:
Helena Marková earned 500 total points
ID: 33608948
I have thought that this example from December 9, 2009 - 12am Central time zone could be useful (I have copied it):

DECLARE
  2     input_string       VARCHAR2 (200) :=  'Secret Message';
  3     output_string      VARCHAR2 (200);
  4     encrypted_raw      RAW (2000);             -- stores encrypted binary text
  5     decrypted_raw      RAW (2000);             -- stores decrypted binary text
  6     num_key_bytes      NUMBER := 256/8;        -- key length 256 bits (32 bytes)
  7     key_bytes_raw      RAW (32);               -- stores 256-bit encryption key
  8     encryption_type    PLS_INTEGER :=          -- total encryption type
  9                              DBMS_CRYPTO.ENCRYPT_AES256
 10                            + DBMS_CRYPTO.CHAIN_CBC
 11                            + DBMS_CRYPTO.PAD_PKCS5;
 12  BEGIN
 13     DBMS_OUTPUT.PUT_LINE ( 'Original string: ' || input_string);
 14     key_bytes_raw := UTL_I18N.STRING_TO_RAW ( 'passwordpasswordpasswordpassword' );
 15     encrypted_raw := DBMS_CRYPTO.ENCRYPT
 16        (
 17           src => UTL_I18N.STRING_TO_RAW (input_string,  'AL32UTF8'),
 18           typ => encryption_type,
 19           key => key_bytes_raw
 20        );
 21      -- The encrypted value "encrypted_raw" can be used here
 22   DBMS_OUTPUT.PUT_LINE ( 'Encrypted string: ' || encrypted_raw);
 23     decrypted_raw := DBMS_CRYPTO.DECRYPT
 24        (
 25           src => encrypted_raw,
 26           typ => encryption_type,
 27           key => key_bytes_raw
 28        );
 29     output_string := UTL_I18N.RAW_TO_CHAR (decrypted_raw, 'AL32UTF8');
 30
 31     DBMS_OUTPUT.PUT_LINE ('Decrypted string: ' || output_string);
 32  END;
 33  /
Original string: Secret Message
Encrypted string: E13D59102175696EFD2C1B0A7064FB47
Decrypted string: Secret Message
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:lulubell-b
ID: 33622130
OK, I was able to get the data into the encrypted data into the table. Now I want to be able to decrypt the data. Please see code.

I'm recieving the below errors
ORA-06502: PL/SQL: numeric or value error: hex to raw conversion error
ORA-06512: at "CDB.AP_PASSWORD_ENTRY_DECRYPT", line 24
ORA-06512: at line 7

Thanks
create or replace
PROCEDURE              AP_PASSWORD_ENTRY_DECRYPT
(PARAM_1 IN NUMBER, 
 PARAM_2 OUT VARCHAR2
)
AS
 input_string       VARCHAR2 (200) :=  PARAM_2;
 output_string      VARCHAR2 (200);
 encrypted_raw      RAW (2000);             -- stores encrypted binary text
 decrypted_raw      RAW (2000);             -- stores decrypted binary text
 num_key_bytes      NUMBER := 256/8;        -- key length 256 bits (32 bytes)
 key_bytes_raw      RAW (32);               -- stores 256-bit encryption key
 encryption_type    PLS_INTEGER :=          -- total encryption type
                          DBMS_CRYPTO.ENCRYPT_AES256
                          + DBMS_CRYPTO.CHAIN_CBC
                          + DBMS_CRYPTO.PAD_PKCS5;
  p_username varchar2(200);
  p_password RAW(2000);
  
 BEGIN
   SELECT USERNAME, PASSWORD INTO p_username, p_password from USERS where ID = PARAM_1;
 
  key_bytes_raw := UTL_I18N.STRING_TO_RAW ( 'passwordpasswordpasswordpassword' );

  decrypted_raw := SYS.DBMS_CRYPTO.DECRYPT
  (
     src => UTL_I18N.RAW_TO_CHAR (p_password,  'AL32UTF8'),
     typ => encryption_type,
     key => key_bytes_raw
  );
  PARAM_2 := decrypted_raw;

END AP_PASSWORD_ENTRY_DECRYPT;

Open in new window

0
 

Author Comment

by:lulubell-b
ID: 33622213
nevermind I figured it out. Thank you

0
 

Expert Comment

by:DALASSI
ID: 38710905
Hi,

I am using Oracle Database 11g Express Edition Release 11.2.0.2.0 - Production. I can execute the following sql statement:

INSERT INTO HR.ENCRYPTED_EMP VALUES(2,
DBMS_CRYPTO.ENCRYPT(UTL_RAW.CAST_TO_RAW('700'),1 + 256 + 4096,UTL_RAW.cast_to_raw('password')),
DBMS_CRYPTO.ENCRYPT(UTL_RAW.CAST_TO_RAW('SomeNameHere'),1 + 256 + 4096,UTL_RAW.cast_to_raw('password')),
'Address location etc.', null, 'M')

-- I got these magic numebrs above (1+256+4096) from another question posted on this forum.

However, when I try to substitute the 1 + 256 + 4096 which stands for DES + CBC + NoPadding with AES256 + CBC + PKCS5Padding, Oracle complains about the following Static values as invalid procedures:

DBMS_CRYPTO.ENCRYPT_AES256 (supposed to be integer)
DBMS_CRYPTO.CHAIN_CBC (integer)
DBMS_CRYPTO.PAD_PKCS5

These Static value are mentioned and recommended in the  Oracle documentation

Is the Express version of my Oracle the problem? Or something else is wrong?
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Oracle SQL - Query help 7 78
Oracle Listener Not Starting 11 65
Fill Null values 5 36
plsql job on oracle 18 73
Why doesn't the Oracle optimizer use my index? Querying too much data Most Oracle developers know that an index is useful when you can use it to restrict your result set to a small number of the total rows in a table. So, the obvious side…
Using SQL Scripts we can save all the SQL queries as files that we use very frequently on our database later point of time. This is one of the feature present under SQL Workshop in Oracle Application Express.
This videos aims to give the viewer a basic demonstration of how a user can query current session information by using the SYS_CONTEXT function
This video shows how to copy an entire tablespace from one database to another database using Transportable Tablespace functionality.

735 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question