I have custom authentication for my application . Right now I am hashing the given password and matching with the hashed saved password. However I would like to make it more secure, and wanted to encrypt and decrypt the password before sending to hash.
For that purpose I created two functions for encrypt and decrypt based on the example given in oracle documentation .
Here is my ENCRYPT function
************************************************************************************************
create or replace FUNCTION "ENCRYPT" (p_input VARCHAR2) RETURN RAW
IS
encryption_type PLS_INTEGER := DBMS_CRYPTO.ENCRYPT_AES256
+ DBMS_CRYPTO.CHAIN_CBC
+ DBMS_CRYPTO.PAD_PKCS5;
encryption_key RAW (2000);
num_key_bytes NUMBER := 256/8;
iv_raw RAW (16);
encrypted_raw RAW (2000);
BEGIN
encryption_key := DBMS_CRYPTO.RANDOMBYTES (num_key_bytes);
iv_raw := DBMS_CRYPTO.RANDOMBYTES (16);
encrypted_raw := DBMS_CRYPTO.ENCRYPT
(src => UTL_I18N.STRING_TO_RAW (p_input,'AL32UTF8'),
typ => encryption_type,
key => encryption_key,
iv => iv_raw);
RETURN encrypted_raw;
END encrypt;
********************************************************************************************************************************************************************************************************
When I do this SQL " select encrypt('secreate message') from dual" I get this result. 22A4FE061A2ECC03653DE198FAB4E0C8ED5A8CC6A2CC3E5523F3E3A820302C67
***********************************************************************************************************************************************************************************************************
Here is my DECRYPT function
create or replace FUNCTION "DECRYPT" (encrypted_raw in raw) RETURN varchar2
IS
encryption_type PLS_INTEGER := DBMS_CRYPTO.ENCRYPT_AES256
+ DBMS_CRYPTO.CHAIN_CBC
+ DBMS_CRYPTO.PAD_PKCS5;
encryption_key RAW (2000);
decrypted_raw RAW (2000);
iv_raw RAW (16);
num_key_bytes NUMBER := 256/8;
output_string VARCHAR2 (200);
BEGIN
encryption_key := DBMS_CRYPTO.RANDOMBYTES (num_key_bytes);
iv_raw := DBMS_CRYPTO.RANDOMBYTES (16);
decrypted_raw := DBMS_CRYPTO.DECRYPT
(src => encrypted_raw,
typ => encryption_type,
key => encryption_key,
iv => iv_raw);
output_string := UTL_I18N.RAW_TO_CHAR (decrypted_raw, 'AL32UTF8');
RETURN output_string;
END decrypt;
*****************************************************************************************************************************************************************
When I run this SQL, " select decrypt(encrypt('secreate message')) from dual" I get the following error.
*****************************************************************************************************************************************************************
ORA-28817: PL/SQL function returned an error.
ORA-06512: at "SYS.DBMS_CRYPTO_FFI", line 67
ORA-06512: at "SYS.DBMS_CRYPTO", line 44
ORA-06512: at "BASEHOME.DECRYPT", line 18
28817. 00000 - "PL/SQL function returned an error."
*****************************************************************************************************************************************************************
I couldn't figure out what is wrong in the DECRYPT function .
Can Someone help
Database version : Oracle Database 12c Standard Edition Release 12.1.0.2.0 - 64bit Production
Oracle Apex 5.1.2.00.09
Tested on SQL Developer
George