doberkofler
Reputation: 10361
How to replace dbms_obfuscation_toolkit with dbms_crypto
After being deprecated for quite some time, Oracle now removed the dbms_obfuscation_toolkit in 21c. What are the direct replacements for the following functions?
- dbms_obfuscation_toolkit.DESEncrypt
- dbms_obfuscation_toolkit.DESDecrypt
Upvotes: 0
Views: 2725
Answers (2)
Stéphane Jeanrenaud
Reputation: 1
I found a solution which matches exactly with DESEncrypt and DESDecrypt :
set serveroutput on
declare
v_input raw(32767) := UTL_RAW.cast_to_raw('Test string to encrypt !');
v_key raw(32767) := UTL_RAW.cast_to_raw('abcdefgh');
v_encrypted RAW(32767);
v_decrypted VARCHAR2(32767);
BEGIN
DBMS_OBFUSCATION_TOOLKIT.DESEncrypt(input => v_input,
key => v_key,
encrypted_data => v_encrypted);
dbms_output.put_line('Encrypted with DBMS_OBFUSCATION_TOOLKIT : ' || v_encrypted);
DBMS_OBFUSCATION_TOOLKIT.DESDecrypt(input => v_encrypted,
key => v_key,
decrypted_data => v_decrypted);
dbms_output.put_line('Decrypted with DBMS_OBFUSCATION_TOOLKIT : ' || UTL_RAW.cast_to_varchar2(v_decrypted));
v_encrypted := DBMS_CRYPTO.Encrypt(
src => v_input,
typ => DBMS_Crypto.ENCRYPT_DES + DBMS_Crypto.CHAIN_CBC + DBMS_Crypto.PAD_NONE,
key => v_key);
dbms_output.put_line('Encrypted with DBMS_CRYPTO : ' || v_encrypted);
v_decrypted := DBMS_CRYPTO.Decrypt(
src => v_encrypted,
typ => DBMS_Crypto.ENCRYPT_DES + DBMS_Crypto.CHAIN_CBC + DBMS_Crypto.PAD_NONE,
key => v_key);
dbms_output.put_line('Decrypted with DBMS_CRYPTO : ' || UTL_RAW.cast_to_varchar2(v_decrypted));
END;
/
Result of execution :
Encrypted with DBMS_OBFUSCATION_TOOLKIT : B3877B57558F30891B6C9320D345B2F557DE806865F649F1
Decrypted with DBMS_OBFUSCATION_TOOLKIT : Test string to encrypt !
Encrypted with DBMS_CRYPTO : B3877B57558F30891B6C9320D345B2F557DE806865F649F1
Decrypted with DBMS_CRYPTO : Test string to encrypt !
Upvotes: 0
pmdba
Reputation: 7033
You would use one of the DBMS_CRYPT.ENCRYPT functions or procedures (see documentation) with an encryption_type of DBMS_CRYPTO.ENCRYPT_DES, plus whatever block cipher suites and modifiers you need.
Example:
DECLARE
input_string VARCHAR2 (200) := 'Secret Message';
output_string VARCHAR2 (200);
encrypted_raw RAW (2000); -- stores encrypted binary text
decrypted_raw RAW (2000); -- stores decrypted binary text
num_key_bytes NUMBER := 256/8; -- key length 256 bits (32 bytes)
key_bytes_raw RAW (32); -- stores 256-bit encryption key
encryption_type PLS_INTEGER := -- total encryption type
DBMS_CRYPTO.ENCRYPT_DES
+ DBMS_CRYPTO.CHAIN_CBC
+ DBMS_CRYPTO.PAD_NONE;
iv_raw RAW (16);
BEGIN
DBMS_OUTPUT.PUT_LINE ( 'Original string: ' || input_string);
key_bytes_raw := DBMS_CRYPTO.RANDOMBYTES (num_key_bytes);
iv_raw := DBMS_CRYPTO.RANDOMBYTES (16);
encrypted_raw := DBMS_CRYPTO.ENCRYPT
(
src => UTL_I18N.STRING_TO_RAW (input_string, 'AL32UTF8'),
typ => encryption_type,
key => key_bytes_raw,
iv => iv_raw
);
-- The encrypted value "encrypted_raw" can be used here
decrypted_raw := DBMS_CRYPTO.DECRYPT
(
src => encrypted_raw,
typ => encryption_type,
key => key_bytes_raw,
iv => iv_raw
);
output_string := UTL_I18N.RAW_TO_CHAR (decrypted_raw, 'AL32UTF8');
DBMS_OUTPUT.PUT_LINE ('Decrypted string: ' || output_string);
END;
Upvotes: 1
Related Questions
- What is the DBMS_Crypto.encrypt() equivalent of DBMS_Obfuscation_Toolkit.DES3Encrypt()?
- dbms_crypto and a Powershell
- How to connect DBMS_CRYPTO?
- How to use DBMS_CRYPTO.encrypt function in oracle
- DBMS_CRYPTO.ENCRYPT returning different results in different oracle DB versions
- Oracle dbms_crypto for PKCS7
- Oracle XE and DBMS_CRYPTO
- DBMS_CRYPTO package is missing
- JSP CODE dbms obfuscation toolkit.DESEncrypt DECRYPT Oracle
- JSP Code to decrypt dbms_obfuscation_toolkit.DESEncrypt oracle