plsql realizes DES symmetric encryption and Java decryption
- 2021-08-21 20:32:49
- OfStack
Background
The interface of a project is developed by plsql, and the user password is returned by the interface, but the password cannot be returned in plain text. Because the clear text password is needed in the program, the password can only be symmetrically encrypted in plsql and decrypted in the program, and the program is developed by java.
Realization
dbms_crypto is an encryption package of oracle, which contains many encryption and decryption methods. Non-dba users need authorization to use it
grant execute on dbms_crypto to xxx;
The following is an function encrypted by DES algorithm
function encrypt_password(p_password in varchar2) return varchar2 is
v_key varchar2(32) := 'TucM2fYDaxnd1UeRL7HVvyshXvXaMKO9';
v_encrypted_raw RAW(256);
begin
v_encrypted_raw := dbms_crypto.Encrypt(src => UTL_RAW.CAST_TO_RAW(p_password),
typ => DBMS_CRYPTO.DES_CBC_PKCS5,
iv=>UTL_RAW.CAST_TO_RAW('12345678'),
key => UTL_RAW.CAST_TO_RAW(v_key));
return utl_raw.cast_to_varchar2(utl_encode.base64_encode(v_encrypted_raw));
end;
v_key: Key
typ: Encryption algorithm. Here, DES encryption algorithm is adopted, which can be encrypted by using key and decrypted by using the same key. DES_CBC_PKCS5 is divided into three sections, DES indicates that the encryption algorithm is DES, CBC indicates that CBC mode is used for encryption, and PKCS5 indicates the filling mode of packets. In most cases, plaintext is not just a multiple of 64 bits. For the last packet, if the length is less than 64 bits, it needs to be filled with data to 64 bits. PKCS5Padding is a common populating method, and if it is not specified, it is the default method.
iv: If the CBC mode is used for encryption, the initialization vector IV needs to be specified
Here, the return value is encoded by base64, because the encrypted data may be binary data. In order to facilitate transmission, base64 is encoded. The following is the test result
Enter: zhengjianfeng
Output: N8pbaNezTEJO34jIgJhUFg==
java decryption
import javax.crypto.Cipher;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESKeySpec;
import javax.crypto.spec.IvParameterSpec;
import java.security.Key;
import java.util.Base64;
/**
* @Description:
* @author: jianfeng.zheng
* @since: 2021/2/20 12:12 Morning
* @history: 1.2021/2/20 created by jianfeng.zheng
*/
public class DesDecryptDemo {
private final static String IV_PARAMETER = "12345678";
private static final String ALGORITHM = "DES";
private static final String CIPHER_ALGORITHM = "DES/CBC/PKCS5Padding";
private static final String CHARSET = "utf-8";
private static final String KEY = "TucM2fYDaxnd1UeRL7HVvyshXvXaMKO9";
public static void main(String[] args) {
String encryptData = "N8pbaNezTEJO34jIgJhUFg==";
System.out.println(" Ciphertext :" + encryptData);
String plainText = decrypt(KEY, encryptData);
System.out.println(" Cleartext :" + plainText);
}
public static String decrypt(String key, String data) {
if (key == null || key.length() < 8) {
throw new RuntimeException(" Encryption failed, key Can't be less than 8 Bit ");
}
if (data == null) {
return null;
}
try {
DESKeySpec dks = new DESKeySpec(key.getBytes(CHARSET));
SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(ALGORITHM);
Key secretKey = keyFactory.generateSecret(dks);
Cipher cipher = Cipher.getInstance(CIPHER_ALGORITHM);
// Set initialization vector
IvParameterSpec iv = new IvParameterSpec(IV_PARAMETER.getBytes(CHARSET));
cipher.init(Cipher.DECRYPT_MODE, secretKey, iv);
return new String(cipher.doFinal(Base64.getDecoder().decode(data.getBytes(CHARSET))), CHARSET);
} catch (Exception e) {
e.printStackTrace();
return data;
}
}
}
Running result
Ciphertext :N8pbaNezTEJO34jIgJhUFg==
Cleartext :zhengjianfeng
You can see that you can get clear text
The above is plsql DES symmetric encryption Java decryption details, more about plsql symmetric encryption java decryption information please pay attention to other related articles on this site!