Re: DBMS_CRYPTO Error

On 23/04/12 20:54, Norman Dunbar wrote:
> I'm not 100% sure as I'm away from my desk at present, but I think when
> I used DES3 a few years ago, I needed to pad the text to be encrypted to
> a multiple of some length. I'll check tomorrow.

I'm in the office and I've checked my code. It is true, the data to be encrypted needs to be a multiple of 8 characters long. As per this from my code's package body:

function encrypt(iString in blob) return blob as

	vData raw(1024);
	vBlob blob;

begin
	-- Extract raw data, pad it out &  encrypt it
	vData := BlobToRaw(iBlob => iString,
			iPad => true);

	vData := dbms_obfuscation_toolkit.DESEncrypt(...);

The BlobToRaw code is this:

function BlobToRaw(iBlob in blob, iPad in boolean := true) as

	vRaw raw(1024;
	vLength number;
	vPad integer
	...
begin
	vLength := dbms_lob.GetLength(iBlob);
	if (vLength <> 0) then
		-- Read blob into raw
		...
	end if;

	-- Pad if required
	if (iPad) then
		vPad := 8 - mod(vLength, 8);
		if (vPad <> 0) then
		vRaw := utl_raw.concat(vRaw,
				utl_raw.cast_to_raw(rpad(chr(0),
							vPad,
							chr(0))
				)
			);
		end if;
	end if;

I remember reading somewhere that the data has to be an exact multiple of 8 characters long. In the docs for dbms_obfuscation_toolkit for 9i I think.

I also note that I seem to have used the iPad name long before Apple, wonder if I can sue! ;-)

By the way, this was part of a password vault system I had to write many many years ago, all my data are well short of the 1024 characters I'm using for the RAWs above.

HTH Cheers,
Norm.

-- 
Norman Dunbar
Dunbar IT Consultants Ltd

Registered address:
Thorpe House
61 Richardshaw Lane
Pudsey
West Yorkshire
United Kingdom
LS28 7EL

Company Number: 05132767
--
http://www.freelists.org/webpage/oracle-l