DBMS_OBFUSCATION_TOOLKIT.DESENCRYPT Problem

Similar Messages

• Date field encryption using Dbms_Obfuscation_Toolkit.DESENCRYPT

  Hi,
  I need to encrypt the date field in the table using Dbms_Obfuscation_Toolkit.DESENCRYPT .
  This is an table is an existing table and is accessed by many interfaces, so we cannot change the column type of this date field.
  Is there a possibility of encrypting the date field and store it in the same column (DATE type).
  And access this using Dbms_Obfuscation_Toolkit.DESDECRYPT.
  We are using Oracle 11.2.0.2.0.
  Thanks in advance.
  Agathya

  >
  Is there a possibility of encrypting the date field and store it in the same column (DATE type).
  >
  No - the DESENCRYPT procedure returns a RAW value which can't be stored in a DATE column.
  See DESENCRYPT Procedures and Functions in Chapter 82 (DBMS_OBFUSCATION_TOOLKIT) of the PL/SQl Packages and Types Doc
  http://docs.oracle.com/cd/B28359_01/appdev.111/b28419/d_obtool.htm#i997215
  For what you want to do just use the ENCRYPT option of the CREATE TABLE or ALTER TABLE statements.
  See Using Transparent Data Encryption in the Advanced Security Admin Guide
  http://docs.oracle.com/cd/B28359_01/network.111/b28530/asotrans.htm#BABJJAIG
  >
  3.2 Using Transparent Data Encryption
  The following steps discuss using transparent data encryption:
  •Enabling Transparent Data Encryption
  •Setting and Resetting theMaster Encryption Key
  •Opening the Encrypted Wallet
  •Creating Tables with Encrypted Columns
  •Encrypting Columns in Existing Tables
  •Creating an Index on an Encrypted Column
  •Adding or Removing Salt from an Encrypted Column
  •Changing the Encryption Key or Algorithm for Tables Containing Encrypted Columns
  >
  Section 3.2.5.2 Encrypting an Unencrypted Column shows the ALTER TABLE statement for encrypting an existing column - this would leave the column as a DATE and you would work with it normally
  >
  3.2.5.2 Encrypting an Unencrypted Column
  To encrypt an unencrypted column, use the ALTER TABLE MODIFY command, specifying the unencrypted column with the ENCRYPT clause. Example 3-7 encrypts the first_name column in the employee table.
  Example 3-7 Encrypting an Unencrypted Column
  ALTER TABLE employee MODIFY (first_name ENCRYPT);
  The first_name column is encrypted with the default AES192 algorithm. Salt is added to the data, by default.
  You can choose to encrypt the column using a different algorithm. You can also specify NO SALT, if you wish to index the column.

• DBMS_OBFUSCATION_TOOLKIT.DESEncrypt  ... length of output ?

  If I know the max length of input data, can I know the max length of encrypted output ?
  (e.g. for storing password in encrypted format, i should know the size of field, if max length of password is known )

  The toolkit needs data in 8 byte multiples.
  That means if your password is varchar2(30) use raw(32) to store the encrypted passwords.

• Information about package sys.dbms_obfuscation_toolkit

  While using this package procedure DesEncrypt , we are facing error i.e
  too many declarations of 'DesEncrypt ' match this call......
  According to me, overloading of procedure has been performed based on datatypes of same family(i.e varchar2 and raw), which to me is not correct.
  Please suggest how to resolve this problem.
  Please give this work as urgent priority.

  You will need to use named notation (reference the parameter names in the call) instead of the normal positional notation because of the implicit conversions possible between varchar2 and raw.
  dbms_obfuscation_toolkit.DESEncrypt
    (input_string => v_string, key_string => v_key, encrypted_string=> v_encrypted_string);

• ORA-28232 w/ DBMS_OBFUSCATION_TOOLKIT

  I am attempting to use DBMS_OBFUSCATION_TOOLKIT.DESEncrypt on an Oracle 8.1.6.3 database. However it keeps throwing the 28232 error. However I am definitely using an 8 character password.
  Does anybody know what the problem might be?
  TIA, APC

  Here is the my_encryption package code ...........
  CREATE OR REPLACE PACKAGE BODY my_encryption IS
  || Local variable to hold the current encryption key.
  ps_encryption_key RAW(32);
  || Local exception to hide Oracle -28231 Error Code.
  INTERNAL_BAD_KEY exception;
  PRAGMA EXCEPTION_INIT(INTERNAL_BAD_KEY, -28231);
  || Local exception to hide Oracle -28232 Error Code.
  INTERNAL_BAD_DATA exception;
  PRAGMA EXCEPTION_INIT(INTERNAL_BAD_DATA, -28232);
  || Local function to get the encryption key for a particular case.
  FUNCTION get_case_encryption_key(pi_cas_id IN ELS_CASES.ID%TYPE) RETURN RAW IS
  || The key to be returned.
  key RAW(16);
  || Cursor to return the case encyption key in encrypted format.
  CURSOR c_case_key(b_cas_id ELS_CASES.ID%TYPE) IS
  SELECT encryption_key
  FROM els_cases
  WHERE id = b_cas_id;
  BEGIN
  OPEN c_case_key(pi_cas_id);
  FETCH c_case_key INTO key;
  CLOSE c_case_key;
  RETURN key;
  EXCEPTION
  WHEN NO_DATA_FOUND THEN
  RAISE NO_CASE;
  END;
  || Procedure to initialize package with the master key.
  || The master key will be held elsewhere from the database.
  PROCEDURE set_master_key(pi_key IN RAW) IS
  BEGIN
  IF LENGTHB(pi_key) != 32 THEN
  RAISE BAD_KEY;
  END IF;
  ps_encryption_key := pi_key;
  END;
  || Procedure to initialize package with the master key.
  || Always returns 'Y'
  || The master key will be held elsewhere from the database.
  FUNCTION set_master_key(pi_key IN RAW) RETURN VARCHAR2 IS
  BEGIN
  set_master_key(pi_key);
  RETURN 'Y';
  END;
  || Procedure to initialize package with the case encryption key.
  PROCEDURE set_case_key(pi_master_key IN RAW,
  pi_cas_id IN ELS_CASES.ID%TYPE) IS
  BEGIN
  ps_encryption_key := pi_master_key;
  ps_encryption_key := decrypt(pi_data=>get_case_encryption_key(pi_cas_id));
  END;
  || Function to initialize package with the case encryption key.
  || Always returns 'Y'
  FUNCTION set_case_key(pi_master_key IN RAW,
  pi_cas_id IN ELS_CASES.ID%TYPE) RETURN VARCHAR2 IS
  BEGIN
  set_case_key(pi_master_key,pi_cas_id);
  RETURN 'Y';
  END;
  || Function to encrypt data using the master key. Note the length of
  || pi_data, in bytes, must be at most 2000 bytes and be divisible by 8.
  FUNCTION encrypt(pi_data IN RAW) RETURN RAW IS
  BEGIN
  RETURN dbms_obfuscation_toolkit.DES3Encrypt(input => pi_data,
  key => ps_encryption_key);
  EXCEPTION
  WHEN INTERNAL_BAD_DATA THEN
  RAISE BAD_DATA;
  WHEN INTERNAL_BAD_KEY THEN
  RAISE BAD_KEY;
  END;
  || Function to encrypt a BLOB using the current encryption key.
  FUNCTION encrypt(pi_blob IN BLOB) RETURN BLOB IS
  || Temporary blob variable to hold the encrypted contents.
  result blob;
  || Variable to hold the length of the blob.
  blob_length PLS_INTEGER := dbms_lob.getlength(pi_blob);
  || The Oracle encryption routines can only encrypt data whose length is <=2000.
  max_chunk_length PLS_INTEGER := 2000;
  || Variable to hold the length of the current chunk that is being encrypted.
  chunk_length PLS_INTEGER;
  || Variable to remember which how much of the input blob has been encrypted.
  pointer PLS_INTEGER := 1;
  || Variable to hold the next bit of data to be encrypted.
  chunk RAW(2000);
  || Variable to hold a pad byte used to pad the last chunk.
  pad RAW(1) := utl_raw.substr(utl_raw.cast_to_raw('0'),1,1);
  BEGIN
  || Create the temporary blob using the database memory buffer.
  dbms_lob.createtemporary(result, TRUE, dbms_lob.call);
  || Loop through the input blob
  WHILE (pointer <= blob_length) LOOP
  || Grab at most 2000 bytes from the input blob.
  chunk_length := LEAST(max_chunk_length,blob_length-pointer+1);
  chunk := dbms_lob.substr(pi_blob,chunk_length,pointer);
  || Pad any chunk (ie the last) so its length is divisible by 8 (another Oracle limitation on encryption)!.
  WHILE mod(chunk_length,8) !=0 LOOP
  chunk := utl_raw.concat(chunk,pad);
  chunk_length := chunk_length+1;
  END LOOP;
  || Encrypt the chunk and write it to the end of the temporary blob.
  dbms_lob.writeappend(result,
  chunk_length,
  encrypt(pi_data => chunk)
  || Advance the pointer by the length of the last chunk.
  pointer := pointer + chunk_length;
  END LOOP;
  || All Done!
  RETURN result;
  END;
  || Function to decrypt data using the master key. Note the length of
  || pi_data, in bytes, must be at most 2000 bytes and be divisible by 8.
  FUNCTION decrypt(pi_data IN RAW) RETURN RAW IS
  BEGIN
  RETURN dbms_obfuscation_toolkit.DES3Decrypt(input => pi_data,
  key => ps_encryption_key);
  EXCEPTION
  WHEN INTERNAL_BAD_DATA THEN
  RAISE BAD_DATA;
  WHEN INTERNAL_BAD_KEY THEN
  RAISE BAD_KEY;
  END;
  || Function to decrypt a BLOB using the current encryption key.
  FUNCTION decrypt(pi_blob IN BLOB,
  pi_size IN PLS_INTEGER) RETURN BLOB IS
  || Temporary blob variable to hold the encrypted contents.
  result BLOB;
  || Variable to hold the length of the blob.
  blob_length PLS_INTEGER := dbms_lob.getlength(pi_blob);
  || The Oracle encryption routines can only encrypt data whose length is <=2000.
  max_chunk_length PLS_INTEGER := 2000;
  || Variable to hold the length of the current chunk that is being encrypted.
  chunk_length PLS_INTEGER;
  || Variable to remember which how much of the input blob has been encrypted.
  pointer PLS_INTEGER := 1;
  BEGIN
  || Create the temporary blob using the database memory buffer.
  dbms_lob.createtemporary(result, TRUE, dbms_lob.call);
  || Loop through the input blob
  WHILE (pointer <= blob_length) LOOP
  || Grab at most 2000 bytes from the input blob.
  chunk_length := LEAST(max_chunk_length,blob_length-pointer+1);
  || Decrypt the chunk and write it to the end of the temporary blob.
  dbms_lob.writeappend(result,
  chunk_length,
  decrypt(pi_data => dbms_lob.substr(pi_blob,
  chunk_length,
  pointer
  || Advance the pointer by the length of the last chunk.
  pointer := pointer + chunk_length;
  END LOOP;
  || Remove the padding bytes that were added when the data was encrypted.
  dbms_lob.trim(result,pi_size);
  || All Done!
  RETURN result;
  END;
  || Procedure to clear session state of stored keys.
  PROCEDURE CLEAR IS
  BEGIN
  ps_encryption_key:=null;
  END;
  END;
  and here is the PL/sql I run before running the sql stmt
  DECLARE
  mkey LONG RAW;
  BEGIN
  mkey := UTL_RAW.CAST_TO_RAW ('&&key');
  my_encryption.set_master_key(mkey);
  my_encryption.set_case_key(mkey,&&case_id);
  END;
  mkey is a 16 digit key .
  and the encrypted_contents I'm trying to decrypt is a BLOB.
  select my_encryption.decrypt(encrypted_contents,file_size),mime_type
  from my_drafts where id = &&draft_id;
  I hope this makes sense .
  Ragini

• DESEncrypt Function don't work with any charakter

  Hi!
  I wrote a function to encrypt data using the DESEncrypt function:
  Create or replace function verschluessel (input_str varchar2,key_string varchar2) return RAW as
  input_string varchar2 (4000);
  encrypted_string varchar2(4000);
  raw_input RAW(4000);
  raw_key RAW(128) := UTL_RAW.CAST_TO_RAW(key_string);
  encrypted_raw RAW(4000);
  test smallint := 8 - mod(length(input_str),8);
  ergaenz varchar2(7);
  begin
  loop
  if test = 0 OR test = 8 then
  exit;
  end if;
  ergaenz := ergaenz || ' ';
  test := test - 1;
  end loop;
  input_string := input_str || ergaenz;
  raw_input := UTL_RAW.CAST_TO_RAW(input_string);
  dbms_obfuscation_toolkit.DESEncrypt(input => raw_input,key => raw_key,
  encrypted_data => encrypted_raw);
  return encrypted_raw;
  end verschluessel;
  The problem is, if the input_string contains german umlaute or special french characters, the error message ORA-28232 "Invalid input size for Obfuscation toolkit" appears.
  How can I solve that ?
  Thanx Andri.

  Resolving issues with Touch ID
  Make sure that you're using the latest version of iOS.
  Make sure that your fingers and the Home button are clean and dry.*
  Note: Cover the Home button completely. Don't tap too quickly, don't press down hard, and don't move your finger while Touch ID is scanning. Make sure that your finger touches the metal ring around the Home button.
  If you're using a protective case or screen protector, it must leave the Home button and the surrounding ring completely unobscured. If it doesn't, remove the case or screen protector and try again.
  Tap Settings > Touch ID & Passcode and verify that:
  iPhone Unlock or iTunes & App Store is on.
  You enrolled one or more fingerprints.
  Try enrolling a different finger.
  If you can't enroll any of your fingers, take your iPhone 5s to an Apple Retail Store, Apple Authorized Service Provider, or contact AppleCare for further assistance.
  * Moisture, lotions, sweat, oils, cuts, or dry skin might affect fingerprint recognition. Certain activities can also temporarily affect fingerprint recognition, including exercising, showering, swimming, cooking, or other conditions or changes that affect your fingerprint.

• DBMS_OBFUSCATION_TOOLKIT

  Why is the result of a call to DBMS_OBFUSCATION_TOOLKIT.DESEncrypt not consistent.
  I try to exchange encrypted data between different instances of Oracle and the encrypted output is not the same.
  Are there differences from version to version of Oracle or is there some kind of parameter setting (seed) that I'm not aware of.
  Best regards
  -pELLE

  You might try posting this to the Products | Database | SQL and PL/SQL forum. The folks over there are generally going to be more familiar with this sort of database programming issue.
  A couple of questions, though, in addition to Carlos's point about making sure the same key is being used...
  - Are you storing the encrypted data in RAW columns? Or in VARCHAR2 columns?
  - Are your database character sets identical?
  Justin
  Distributed Database Consulting, Inc.
  http://www.ddbcinc.com/askDDBC

• Does dbms_obfuscation_toolkit support MD5 ?

  I want to know that does this package(dbms_obfuscation_toolkit) encrypts data in MD5 format . Does this package support MD5.
  Regards
  null

  CREATE OR REPLACE PROCEDURE obfuscation_demo AS
  l_data varchar2(255);
  l_string VARCHAR2(25) := 'hello world';
  BEGIN
  -- Both the key and the input data must have a length
  -- divisible by eight (the key must be exactly 8 bytes long).
  l_data := RPAD(l_string,(TRUNC(LENGTH(l_string)/8)+1)*8,CHR(0));
  DBMS_OUTPUT.PUT_LINE('l_string before encrypt: ' &#0124; &#0124; l_string);
  -- Encrypt the input string
  DBMS_OBFUSCATION_TOOLKIT.DESENCRYPT
  (input_string => l_data,
  key_string => 'magickey',
  encrypted_string => l_string);
  DBMS_OUTPUT.PUT_LINE('l_string ENCRYPTED: ' &#0124; &#0124; l_string);
  -- Decrypt the input string
  DBMS_OBFUSCATION_TOOLKIT.DESDECRYPT
  (input_string => l_string,
  key_string => 'magickey',
  decrypted_string => l_data);
  DBMS_OUTPUT.PUT_LINE('l_string DECRYPT: ' &#0124; &#0124; L_DATA);
  END;
  its encrypting in DES .
  You said that dbms_obfuscation_toolkit supports md5.
  If yes then how can i use this procedure to make it effective for md5. How does md5 implement on this procedure.
  Can u help me regarding this.
  Regards
  null

• Error while using 3DES algorithm

  Hi All,
  i am trying to decrypt and encrypt the data using 3DES algorithm.i am facing following problem.find below what exaclty i have done:
  SQL> variable x varchar2(100);
  SQL> exec :x := 'how r u Anwar';
  PL/SQL procedure successfully completed.
  X
  how r u Anwar
  SQL> create or replace procedure crypt1( p_str in out varchar2 )
  2 as
  3 l_data varchar2(255);
  4 begin
  5 l_data := rpad( p_str, (trunc(length(p_str)/8)+1)*8, chr(0) );
  6 dbms_obfuscation_toolkit.DESEncrypt
  7 ( input_string => l_data,
  8 key_string => 'MagicKey',
  9 encrypted_string=> p_str );
  10 end;
  11 /
  Procedure created.
  SQL> create or replace procedure decrypt1( p_str in out varchar2 )
  2 as
  3 l_data varchar2(255);
  4 begin
  5 dbms_obfuscation_toolkit.DESDecrypt
  6 ( input_string => p_str,
  7 key_string => 'MagicKey',
  8 decrypted_string=> l_data );
  9
  10 p_str := rtrim( l_data, chr(0) );
  11 end;
  12 /
  Procedure created.
  SQL> set autoprint on;
  SQL> exec crypt1( :x );
  PL/SQL procedure successfully completed.
  X
  5??V????? ??
  SQL> exec decrypt1( :x );
  BEGIN decrypt1( :x ); END;
  ERROR at line 1:
  ORA-28232: invalid input length for obfuscation toolkit
  ORA-06512: at "SYS.DBMS_OBFUSCATION_TOOLKIT_FFI", line 0
  ORA-06512: at "SYS.DBMS_OBFUSCATION_TOOLKIT", line 153
  ORA-06512: at "UJAPAN.DECRYPT1", line 5
  ORA-06512: at line 1
  X
  5??V????? ??
  Any idea or thought would be appreciable.
  Thanks n advance
  Anwar

  From the top of my head (without checking the docs) I think that the string to be obfuscated must have a length of a multitude of 8 bytes. You might need some padding to get it to the right length.
  cu
  Andreas

• Oracle Ias 9i and Apache - How connected?

  Hi everybody,
  here is my problem:
  i need to know how Oracle Ias 9i communicates with the Apache integrated in itself. I have to understand if i can redirect the requests to the Ias 9i through another Apache instance than the integrated one. This other Apache is resident on another server. Can i manage the communication between this new Apache istance and my Oracle Ias 9i? Does exist something similar to the mod_jk (communication Apache-Tomcat) i can use to do that? Or maybe the only Apache who can answer is the one integrated in my Oracle Ias 9i?
  Please, i'm in a big big hurry...
  Thank you!!!
  Matte

  This is a database package that do the job:
  CREATE OR REPLACE PACKAGE Cryptit AS
     FUNCTION encrypt( Str VARCHAR2 ) RETURN RAW;
     FUNCTION decrypt( xCrypt VARCHAR2 ) RETURN VARCHAR2;
  END Cryptit;
  CREATE OR REPLACE PACKAGE BODY Cryptit AS
     crypt_raw RAW(2000);
     crypt_str VARCHAR(2000);
     FUNCTION encrypt( Str VARCHAR2 ) RETURN RAW AS
     l INTEGER := LENGTH(str);
     i INTEGER;
     padblock RAW(2000);
     Cle RAW(8) := UTL_RAW.CAST_TO_RAW('frankzap');
     BEGIN
        i := 8-MOD(l,8);
        padblock := utl_raw.cast_to_raw(str||RPAD(CHR(i),i,CHR(i)));
        dbms_obfuscation_toolkit.DESEncrypt(
                 input     => padblock,
                 KEY       => Cle,
                 encrypted_data => crypt_raw );
        RETURN crypt_raw ;
     END;
     FUNCTION decrypt( xCrypt VARCHAR2 ) RETURN VARCHAR2 AS
     l NUMBER;
     Cle RAW(8) := UTL_RAW.CAST_TO_RAW('frankzap');
     crypt_raw RAW(2000) := utl_raw.cast_to_raw(utl_raw.cast_to_varchar2(xCrypt)) ;
     BEGIN
        dbms_obfuscation_toolkit.DESDecrypt(
                 input     => xCrypt,
                 KEY       => Cle,
                 decrypted_data => crypt_raw );
        crypt_str := utl_raw.cast_to_varchar2(crypt_raw);
        l := LENGTH(crypt_str);
        crypt_str := RPAD(crypt_str,l-ASCII(SUBSTR(crypt_str,l)));
        RETURN crypt_str;
     END;
  END Cryptit;
  /You can call the encrypt() function to get the encrypted string and call the decrypt() function to get the unencrypted string.
  Francois

• Encryption results in 8i and 9i are different

  I have the problem with encryption of data with DES key (DBMS_OBFUSCATION_TOOLKIT package). Encryption resuls are different in 8i and 9i database. I have data encrypted in 8i db and i am unable to decrypt them in 9i db. Have anyone same experience and some solution?
  There are different result with example code from bulletin "Encrypting Data using the DBMS_OBFUSCATION_TOOLKIT package" - Doc ID: Note:102902.1:
  ===============================================================
  set serveroutput on;
  CLEAR BUFFER
  PROMPT Please enter a password - Must be 8 characters !
  PROMPT
  ACCEPT PASSWD
  DECLARE
  input_string VARCHAR2(16) := 'abcdefgh';
  raw_input RAW(128) := UTL_RAW.CAST_TO_RAW(input_string);
  key_string VARCHAR2(16) := 'keepthesecretnum';
  raw_key RAW(128) := UTL_RAW.CAST_TO_RAW(key_string);
  encrypted_raw RAW(2048);
  encrypted_string VARCHAR2(2048);
  decrypted_raw RAW(2048);
  decrypted_string VARCHAR2(2048);
  error_in_input_buffer_length EXCEPTION;
  PRAGMA EXCEPTION_INIT(error_in_input_buffer_length, -28232);
  INPUT_BUFFER_LENGTH_ERR_MSG VARCHAR2(100) :=
  '*** DES INPUT BUFFER NOT A MULTIPLE OF 8 BYTES - IGNORING EXCEPTION ***';
  double_encrypt_not_permitted EXCEPTION;
  PRAGMA EXCEPTION_INIT(double_encrypt_not_permitted, -28233);
  DOUBLE_ENCRYPTION_ERR_MSG VARCHAR2(100) :=
  '*** CANNOT DOUBLE ENCRYPT DATA - IGNORING EXCEPTION ***';
  -- 1. Begin testing raw data encryption and decryption
  BEGIN
  dbms_output.put_line('> ========= BEGIN TEST RAW DATA =========');
  dbms_output.put_line('> Raw input : ' ||
  UTL_RAW.CAST_TO_VARCHAR2(raw_input));
  BEGIN
  dbms_obfuscation_toolkit.DESEncrypt(input => raw_input,
  key => raw_key, encrypted_data => encrypted_raw );
  dbms_output.put_line('> encrypted hex value : ' ||
  rawtohex(encrypted_raw));
  dbms_obfuscation_toolkit.DESDecrypt(input => encrypted_raw,
  key => raw_key, decrypted_data => decrypted_raw);
  dbms_output.put_line('> Decrypted raw output : ' ||
  UTL_RAW.CAST_TO_VARCHAR2(decrypted_raw));
  dbms_output.put_line('> ');
  if UTL_RAW.CAST_TO_VARCHAR2(raw_input) =
  UTL_RAW.CAST_TO_VARCHAR2(decrypted_raw) THEN
  dbms_output.put_line('> Raw DES Encyption and Decryption successful');
  END if;
  EXCEPTION
  WHEN error_in_input_buffer_length THEN
  dbms_output.put_line('> ' || INPUT_BUFFER_LENGTH_ERR_MSG);
  END;
  dbms_output.put_line('> ');
  END;
  ===============================================================
  Result in 8i (8.1.7.0.0):
  ========= BEGIN TEST RAW DATA =========
  Raw input : abcdefgh
  encrypted hex value : 13E7047CADC24D5E
  Decrypted raw output : abcdefgh
  Raw DES Encyption and Decryption successful
  Result in 9i (9.0.1.0.0):
  ========= BEGIN TEST RAW DATA =========
  Raw input : abcdefgh
  encrypted hex value : FBC0CF116D1B48E8
  Decrypted raw output : abcdefgh
  Raw DES Encyption and Decryption successful

  I know Oracle intended to introduce stronger encryption in 9i, but I thought they did that by adding new procedures. I know they occasionally change the hashing algorithm, so you have to be careful with stored passwords and the like. But if they really have screwed up the DESEncrypt function, that is very poor.
  I would recommend you contact Support about it. If you don't have a support contract and this is a bug then I think the only thing you can do is to restore your 8i database, decrypt the data, then do the ungrade and re-encrypt. But this sort of thing really ought to be in the Release Notes.
  Good luck, APC

• Encryption in PL/SQL

  Hi all,
  Has anyone came across encryption code, such as DES, written in PL/SQL?
  I found two files in Oralce 8.1.6, namely $ORACLE_HOME/rdbms/admin/dbmsobtk.sql & prvtobtk.plb. These files created a package called DBMS_OBFUSCATION_TOOLKIT which contains the following procedures:
  PROCEDURE DESEncrypt(
  input IN RAW,
  key IN RAW,
  encrypted_data OUT RAW);
  PROCEDURE DESEncrypt(
  input_string IN VARCHAR2,
  key_string IN VARCHAR2,
  encrypted_string OUT VARCHAR2);
  PROCEDURE DESDecrypt(
  input IN RAW,
  key IN RAW,
  decrypted_data OUT RAW);
  PROCEDURE DESDecrypt(
  input_string IN VARCHAR2,
  key_string IN VARCHAR2,
  decrypted_string OUT VARCHAR2);
  I compiled the package, using sys, then granted execute privilege to a user. However I encountered error when compiling my PL/SQL function which calls the DESEncrypt procedure. The following is my code and error message
  My Code
  CREATE OR REPLACE FUNCTION DESEncrypt(pv_string VARCHAR2, pv_despin VARCHAR2) RETURN VARCHAR2
  AS
  lv_encrypted VARCHAR2(128);
  BEGIN
  DBMS_OBFUSCATION_TOOLKIT.DESENCRYPT(pv_string, pv_despin, lv_encrypted);
  RETURN(lv_encrypted);
  END;
  Error Message
  LINE/COL ERROR
  5/2 PLS-00307: too many declarations of 'DESENCRYPT' match this call
  5/2 PL/SQL: Statement ignored
  Appreciate if someone can tell me where to find Encrypt code written in PL/SQL or help me resolve this problem (I can't change the package body for DBMS_OBFUSCATION_TOOLKIT since the prvtobtk file is wrapped.
  Thank you.
  Rdgs,
  Lau

  You must ensure that the lenght of the string to encrypt is divisible by 8. Perform the following before calling
  /* Pad the string with spaces until it's length is a multiple of 8 */
  while mod(strLength, 8) <> 0
  loop
  encryption_string := encryption_string &#0124; &#0124; ' ';
  strLength := length(encryption_string);
  end loop;
  /* Encrypt the string the was passed to the procedure */
  dbms_obfuscation_toolkit.desencrypt(input_string => encryption_string,
  key_string => v_key_string,
  encrypted_string => v_encrypted_form);
  Thanks
  <BLOCKQUOTE><font size="1" face="Verdana, Arial">quote:</font><HR>Originally posted by hlau:
  Hi all,
  Has anyone came across encryption code, such as DES, written in PL/SQL?
  I found two files in Oralce 8.1.6, namely $ORACLE_HOME/rdbms/admin/dbmsobtk.sql & prvtobtk.plb. These files created a package called DBMS_OBFUSCATION_TOOLKIT which contains the following procedures:
  PROCEDURE DESEncrypt(
  input IN RAW,
  key IN RAW,
  encrypted_data OUT RAW);
  PROCEDURE DESEncrypt(
  input_string IN VARCHAR2,
  key_string IN VARCHAR2,
  encrypted_string OUT VARCHAR2);
  PROCEDURE DESDecrypt(
  input IN RAW,
  key IN RAW,
  decrypted_data OUT RAW);
  PROCEDURE DESDecrypt(
  input_string IN VARCHAR2,
  key_string IN VARCHAR2,
  decrypted_string OUT VARCHAR2);
  I compiled the package, using sys, then granted execute privilege to a user. However I encountered error when compiling my PL/SQL function which calls the DESEncrypt procedure. The following is my code and error message
  My Code
  CREATE OR REPLACE FUNCTION DESEncrypt(pv_string VARCHAR2, pv_despin VARCHAR2) RETURN VARCHAR2
  AS
  lv_encrypted VARCHAR2(128);
  BEGIN
  DBMS_OBFUSCATION_TOOLKIT.DESENCRYPT(pv_string, pv_despin, lv_encrypted);
  RETURN(lv_encrypted);
  END;
  Error Message
  LINE/COL ERROR
  -------- <HR></BLOCKQUOTE>
  null

• How to encrypt characters with multilingual?

  Hi,
  I used DBMS_OBFUSCATION_TOOLKIT.DESENCRYPT to encrypt characters without problem in plsql. However, when I attempted to encrypt characters containing Chinese characters (combinations of ABC's and Chinese characters), somehow it will give me the following errors:
  ORA-28232: invalid input length for obfuscation toolkit
  ORA-06512: at "SYS.DBMS_OBFUSCATION_TOOLKIT_FFI", line 21
  ORA-06512: at "SYS.DBMS_OBFUSCATION_TOOLKIT", line 99
  Please advice if it is possible to encrypt multilingual characters and if so, how, if it is different from the normal encryption ways. My database is 10g with UTF8 and the mentioned data is retrieved from database.
  Thank you in advance.
  Regards,
  wongly

  Hi,
  This is because the input data to DESENCRYPT must be a multiple of 8 bytes. If the input is chinese characters then 8 characters will be longer than 8 bytes. You must use lengthb and substrb functions to ensure that the input is exactly a multiple of 8 bytes.

• How to store en-crypted  passwords in Oracle database.

  There are several user IDs for whom passwords are to be stored in database which are to be encrypted and there should be a function to compare the passwords entered with the passwords stored in the database .
  Could any one let me know how to do this in Oralce.
  thanks

  I'm giving u a small example -
  declare
  encryp raw(192) :=utl_raw.cast_to_raw('satyakidesatyaki');
  ekey raw(8) :=utl_raw.cast_to_raw('12345678');
  encryp1 raw(192);
  begin
  dbms_obfuscation_toolkit.desencrypt(input=>encryp,key=>ekey,encrypted_data =>encryp1);
  dbms_output.put_line('after encry'||encryp1);
  end;
  I Hope this will help u a bit.
  Satyaki.

• Data Encryption using DBMS_OBSFUCATION_PACKAGE

  Hello Friends,
  I want to encrypt EMPNAME column data in EMP table using
  DBMS_OBSFUCATION_PACKAGE. I am not getting much help for this
  package. can anybody suggest me some sites concerning
  information on package ?
  Thanx.
  Adi

  try this one.
  I am pasting the procedure.
  run catobtk.sql from sys
  DECLARE
  input_string VARCHAR2(16) := 'SRINIVAS';
  raw_input RAW(128) := sys.UTL_RAW.CAST_TO_RAW(input_string);
  #key_string VARCHAR2(16) := 'keepthesecretnum';
  key_string VARCHAR2(16) := 'abcdefghijklmnop';
  raw_key RAW(128) := sys.UTL_RAW.CAST_TO_RAW(key_string);
  encrypted_raw RAW(2048);
  encrypted_string VARCHAR2(2048);
  decrypted_raw RAW(2048);
  decrypted_string VARCHAR2(2048);
  error_in_input_buffer_length EXCEPTION;
  PRAGMA EXCEPTION_INIT(error_in_input_buffer_length, -28232);
  INPUT_BUFFER_LENGTH_ERR_MSG VARCHAR2(100) :=
  '*** DES INPUT BUFFER NOT A MULTIPLE OF 8 BYTES - IGNORING
  EXCEPTION ***';
  double_encrypt_not_permitted EXCEPTION;
  PRAGMA EXCEPTION_INIT(double_encrypt_not_permitted, -28233);
  DOUBLE_ENCRYPTION_ERR_MSG VARCHAR2(100) :=
  '*** CANNOT DOUBLE ENCRYPT DATA - IGNORING EXCEPTION ***';
  -- 1. Begin testing raw data encryption and decryption
  BEGIN
  dbms_output.put_line('> ========= BEGIN TEST RAW DATA
  =========');
  dbms_output.put_line('> Raw input : ' ||
  sys.UTL_RAW.CAST_TO_VARCHAR2(raw_input));
  BEGIN
  sys.dbms_obfuscation_toolkit.DESEncrypt(input => raw_input,
  key => raw_key, encrypted_data => encrypted_raw );
  sys.dbms_output.put_line('> encrypted hex value : ' ||
  rawtohex(encrypted_raw));
  sys.dbms_obfuscation_toolkit.DESDecrypt(input => encrypted_raw,
  key => raw_key, decrypted_data => decrypted_raw);
  dbms_output.put_line('> Decrypted raw output : ' ||
  sys.UTL_RAW.CAST_TO_VARCHAR2(decrypted_raw));
  dbms_output.put_line('> ');
  if sys.UTL_RAW.CAST_TO_VARCHAR2(raw_input) =
  sys.UTL_RAW.CAST_TO_VARCHAR2(decrypted_raw) THEN
  dbms_output.put_line('> Raw DES Encyption and Decryption
  successful');
  END if;
  EXCEPTION
  WHEN error_in_input_buffer_length THEN
  dbms_output.put_line('> ' || INPUT_BUFFER_LENGTH_ERR_MSG);
  END;
  dbms_output.put_line('> ');
  END;