Re: DBMS_CRYPTO Error
- From: Norman Dunbar <oracle@xxxxxxxxxxxxxxx>
- To: oracle-l@xxxxxxxxxxxxx
- Date: Tue, 24 Apr 2012 07:35:26 +0100
Morning Ken,
On 23/04/12 20:54, Norman Dunbar wrote:
> I'm not 100% sure as I'm away from my desk at present, but I think when
> I used DES3 a few years ago, I needed to pad the text to be encrypted to
> a multiple of some length. I'll check tomorrow.
I'm in the office and I've checked my code. It is true, the data to be
encrypted needs to be a multiple of 8 characters long. As per this from
my code's package body:
function encrypt(iString in blob) return blob
as
vData raw(1024);
vBlob blob;
begin
-- Extract raw data, pad it out & encrypt it
vData := BlobToRaw(iBlob => iString,
iPad => true);
vData := dbms_obfuscation_toolkit.DESEncrypt(...);
The BlobToRaw code is this:
function BlobToRaw(iBlob in blob, iPad in boolean := true)
as
vRaw raw(1024;
vLength number;
vPad integer
...
begin
vLength := dbms_lob.GetLength(iBlob);
if (vLength <> 0) then
-- Read blob into raw
...
end if;
-- Pad if required
if (iPad) then
vPad := 8 - mod(vLength, 8);
if (vPad <> 0) then
vRaw := utl_raw.concat(vRaw,
utl_raw.cast_to_raw(rpad(chr(0),
vPad,
chr(0))
)
);
end if;
end if;
...
I remember reading somewhere that the data has to be an exact multiple
of 8 characters long. In the docs for dbms_obfuscation_toolkit for 9i I
think.
I also note that I seem to have used the iPad name long before Apple,
wonder if I can sue! ;-)
By the way, this was part of a password vault system I had to write many
many years ago, all my data are well short of the 1024 characters I'm
using for the RAWs above.
HTH
Cheers,
Norm.
--
Norman Dunbar
Dunbar IT Consultants Ltd
Registered address:
Thorpe House
61 Richardshaw Lane
Pudsey
West Yorkshire
United Kingdom
LS28 7EL
Company Number: 05132767
--
http://www.freelists.org/webpage/oracle-l
Other related posts: