Trying to decript in java the oracle procedure DBMS_OBFUSCATION_TOOLKIT.DESDECRYPT
Question
I'm trying to adapt this code to java in order to reduce the number of calls to DB:
--set serveroutput on
declare
l_aux NUMBER;
l_cle RAW(9) := utl_raw.cast_to_raw('example21');
l_crypt_raw VARCHAR2(200);
l_crypt_str VARCHAR2(200);
p_txt_desencrip varchar2(200):='8387F8937F5F842F805C44B88429D2CD';
BEGIN
l_crypt_raw := utl_raw.cast_to_raw(utl_raw.cast_to_varchar2( p_txt_desencrip));
DBMS_OBFUSCATION_TOOLKIT.DESDECRYPT ( input => p_txt_desencrip
, key => l_cle
, decrypted_data => l_crypt_raw
);
l_crypt_str := utl_raw.cast_to_varchar2(l_crypt_raw);
l_aux := LENGTH(l_crypt_str);
l_crypt_str := RPAD(l_crypt_str,l_aux-ASCII(SUBSTR(l_crypt_str,l_aux)));
DBMS_OUTPUT.PUT_LINE('Decypted message->' || l_crypt_str);
END;
I have been seen all attepts of solving this task, but anyway my main problem is that my key have 9 characters. Here is my java code:
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import com.sun.mail.util.BASE64DecoderStream;
import com.sun.mail.util.BASE64EncoderStream;
public class Test{
private static Cipher ecipher;
private static Cipher dcipher;
private static SecretKey key;
public static void main(String[] args) {
try {
String clave = "example21";
// generate secret key using DES algorithm
SecretKey key2 = new SecretKeySpec(clave.getBytes(), 0, 9, "DES");
ecipher = Cipher.getInstance("DES");
dcipher = Cipher.getInstance("DES");
// initialize the ciphers with the given key
ecipher.init(Cipher.ENCRYPT_MODE, key2);
dcipher.init(Cipher.DECRYPT_MODE, key2);
String encrypted = encrypt("text to encrypt");
System.out.println(encrypted);
String decrypted = decrypt(encrypted);
System.out.println("Decrypted: " + decrypted);
}catch (NoSuchAlgorithmException e) {
System.out.println("No Such Algorithm:" + e.getMessage());
return;
}
catch (NoSuchPaddingException e) {
System.out.println("No Such Padding:" + e.getMessage());
return;
}
catch (InvalidKeyException e) {
System.out.println("Invalid Key:" + e.getMessage());
return;
}
}
public static String encrypt(String str) {
try {
// encode the string into a sequence of bytes using the named charset
// storing the result into a new byte array.
byte[] utf8 = str.getBytes("UTF8");
byte[] enc = ecipher.doFinal(utf8);
// encode to base64
enc = BASE64EncoderStream.encode(enc);
return new String(enc);
}catch (Exception e) {
e.printStackTrace();
}
return null;
}
public static String decrypt(String str) {
try {
// decode with base64 to get bytes
byte[] dec = BASE64DecoderStream.decode(str.getBytes());
byte[] utf8 = dcipher.doFinal(dec);
// create new string based on the specified charset
return new String(utf8, "UTF8");
} catch (Exception e) {
e.printStackTrace();
}
return null;
}
}
I've tried differents ways and algorithms but I allways get the error "Invalid Key:Wrong key size"...
Any have a suggestion of what I should try?
Thanks in advance!
1 answers
solution1
0 ACCPTED 2021-06-21 18:05:34
- Firstly, the
DBMS_OBFUSCATION_TOOLKITis deprecated and should not be used. - Secondly ,
DESwas broken more than 20 years ago and should not be used anymore.
As for your question. The documentation for DBMS_OBFUSCATION_TOOLKIT.DESDECRYPT have the following to say about the key parameter:
If the key length is missing or is less than 8 bytes, then the procedure raises the error ORA-28234 "Key length too short." Note that if larger keys are used, extra bytes are ignored. So a 9-byte key will not generate an exception.
So Java just validates the key a bit more.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.