Skip to Main Content

Java Security

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Interested in getting your voice heard by members of the Developer Marketing team at Oracle? Check out this post for AppDev or this post for AI focus group information.

Why "dbms_crypto.mac" doesn't match "openssl" ?

pmaleraJul 12 2018 — edited Jul 31 2018

When I execute this PL/SQL code which is supposed to sign a message with "sh256" algorythm (Oracle 12.1) :

DECLARE

  l_temp RAW(4000);

  c_msg CONSTANT CLOB := 'Here is a message to be signed';

  c_key CONSTANT CLOB := '-----BEGIN RSA PRIVATE KEY-----

MIICXwIBAAKBgQDTQRqsiQBSWZ1w9aONc2NSZx6kv2vrM70g4aYImANVpsnOjxM6

S/gdUXhXo92TyD/sD5AMZzgGyOaRkWc3cSnLRo02IcWvLL2B4zP1P7461TvfkM5p

DjiVC8oGQ6x6izRlSQ2x+HAKHhzF7vri9WtK2aWmnnUTnbK2ZyFk4sDi0QIDAQAB

AoGBAKqRb2sNdwAGsVNKUhLcrr4S2rAkiosujC8nYjqgGlkmwNyRsvGn8x4g8Ky6

dyZiUhJUgncxRBBeV6QDJbajHR03NVhn1qWXCzkLIppKz0ta3nCclMohwA25n518

s8X7jESLLcS/DZ3qz3ljRxwXs3iZVodDgMxaKD775cQR1NZRAkEA7EiO5XO/kr4j

d3xKOPHukRmdKsZlMS2DUTwNnXpxA48T9b4TCn5/ht+Qs7YMtVt2dVHJTNq+UOmY

mkhj1cffPQJBAOTh4PYMckkjEU/UEdEBxCAhfOErbiVNSyqZjEcTR3HB97IJWZkC

98HKspV9R4qXr/y93ufL8TU2VRenOgO+CyUCQQCMIew9wQwZJ5M5RglvBG0MuTgx

KkDRjcCX6RnaD8f+6FhaIkSAsM1JXEYhjxKybHAw3DSa1BCTRDcxKUWsgEGxAkEA

tgVomWRmkwFfaCPYE2abKY5YON4IF4Qzreo04+VSIQbHzH+hEI2KqURg53+dIHvn

ilEZbzACYHYYD9p+ybEePQJBAIivBKeEYeV+ZT5HtwbNv30n35H2WmluSzrEoM0W

Dj0HTQoaKBcjFEEIgBUeHei2DKdo2L2Lamo9y4BqnSPodIc=

-----END RSA PRIVATE KEY-----';

BEGIN

  l_temp := dbms_crypto.mac(src => sys.utl_raw.cast_to_raw(c_msg),

                            key => sys.utl_raw.cast_to_raw(c_key),

                            typ => dbms_crypto.hmac_sh256);

  l_temp := utl_encode.base64_encode(l_temp);

  dbms_output.put_line(sys.utl_raw.cast_to_varchar2(l_temp));

END;

Result is : SjPV6jCQJg2RlvSOlAJQEP6YToahMja4RklVLDMmV4Q=

But if I do the same operation with openssl:

openssl.exe dgst -sha256 -sign PrivateKey.txt -out Record1.sha1 Record1.txt

openssl.exe enc -base64 -in Record1.sha1 -out Record1.b64 -A

Where "Record1.txt" contain same string as "c_msg" and "PrivateKey.txt" same as "c_key".

I get (Record1.b64) : RJ0Z4HEmJSvrfDwxVjL2Nq+W6NDq2y/LGQi5ADImb5vlatEy8LSlubbiiW/ZuT2E3OTah7ZbP+nlgsQJiPXq/cixkATE7Z+sRbN+bhBG2vUSf37vI2G6nqKBI8L5OO755mjGnVGXtxIncF4LNm6o9PtT4zwmIGDvMRgXcoX7ZXg=

Where is the mistake (in PL/SQL) ? How can I reach the result of "openssl" ?

Thanks for your help.

Comments
Locked Post
New comments cannot be posted to this locked post.
Post Details
Locked on Aug 28 2018
Added on Jul 12 2018
1 comment
444 views