Re: dbms_obfuscation_toolkit issue

From: Rick Wessman <Rick.WessmanNO_SPAM_at_NOoracleSPAM.com>
Date: 3 Jun 2002 04:37:57 -0700
Message-ID: <adfkel0309u_at_drn.newsguy.com>

The problem is probably due to a bug fix. It was discovered that the encryption result was not the same across all platforms. In particular, encryption on Windows produced a different result than on other operating system. When the fix was put in, the encryption result on Windows changed to be the same as that on other platforms. This is probably what you're seeing.

I don't have a good solution for you, other than upgrading the staging system to 8.1.7.2.1. Prior to doing that, you'll need to decrypt the encrypted data and then re-encrypt it after the upgrade.

Before doing that, though, contact Oracle support. They may have come up with a better solution.

                                        Rick

In article <3CF8D886.6090500_at_usa.net>, John says...
>
>Two databases - one 8.1.7.2.1 (production,) the other 8.1.7.0.0 (staging,) on
>different Win2K servers.
>
>Encryption of a string (using the obfuscation toolkit) using the same key
>returns different results on the two databases. Each database is using
>WE8ISO8859P1 character and NCHAR character sets.
>
>I'm "told" that prior to the upgrade to 8.1.7.2.1, the same string and the same
>key would return the same encrypted string on both systems.
>
>Can anyone cast light on this? Why are different encrypted strings being
>returned? Is there a more "portable" way to generate encrypted strings which
>can be migrated across databases?
>
>Code follows.
>
>Thanks!
>
>---------------
>
>create or replace PACKAGE general IS
> Procedure EncryptPassword(input_string varchar2, key_string varchar2,
>pencrypted_string OUT varchar2);
> Procedure DecryptPassword(encrypted_string varchar2, key_string varchar2,
>decrypted_string OUT varchar2);
>
>END;
>
>create or replace PACKAGE BODY general IS
>
>
> Procedure EncryptPassword(input_string varchar2, key_string varchar2,
>pencrypted_string OUT varchar2)is
>
> encrypted_string VARCHAR2(2048);
> tyencrypted_string VARCHAR2(2048);
>
> begin
> dbms_obfuscation_toolkit.DESEncrypt(
> input_string => input_string,
> key_string => key_string,
> encrypted_string => encrypted_string );
>
> tyencrypted_string := rawtohex(UTL_RAW.CAST_TO_RAW(encrypted_string));
> pencrypted_string := tyencrypted_string;
>
>
> end;
>
> Procedure DecryptPassword(encrypted_string varchar2, key_string varchar2,
>decrypted_string OUT varchar2)
> is
> pencrypted_string VARCHAR2(2048);
> begin
> pencrypted_string := utl_raw.cast_to_varchar2(hextoraw(encrypted_string));
>
> dbms_obfuscation_toolkit.DESDecrypt(
> input_string => pencrypted_string,
> key_string => key_string,
> decrypted_string => decrypted_string );
>
> end;
>
>end;
>
>
>--
>John Bossert
>
>In what concerns you much, do not think that you
>have companions: know that you are alone in the world.
>
> -- Henry David Thoreau
>

                                Rick Wessman
                                Oracle Corporation

     The opinions expressed above are mine and do not necessarily reflect
                         those of Oracle Corporation.

Received on Mon Jun 03 2002 - 13:37:57 CEST

This message: [ Message body ]
Next message: Sybrand Bakker: "Re: Executing packages through JDBC connection"
Previous message: Amish: "Re: HELP! Installation of Oracle8i Personal Edition"
In reply to: John Bossert: "dbms_obfuscation_toolkit issue"
In reply to John Bossert: "dbms_obfuscation_toolkit issue"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message