This discussion is archived
3 Replies Latest reply: Jun 24, 2013 9:19 PM by user10819707 RSS

AES128 encryption Compatible with Oracle  and C#

user10819707 Newbie
Currently Being Moderated

Hello All,

 

I am trying to have an encryption logic written in Pl/SQL that could decrypt the value which is encrypted in Dot Net, using AES128 algorithm. Everytime when i try to have the decryption done, i lands up in one or the other error message. Below is the code snippet which i use. Could any one please help me in correcting it.?

 

create or replace FUNCTION decryptAES (EncryptedText IN VARCHAR2,EncKey IN VARCHAR2) RETURN VARCHAR2 DETERMINISTIC

     IS

        key_bytes_raw      RAW (2048);

  l_decrypted_raw   RAW (2048);

  encryption_type    PLS_INTEGER := DBMS_CRYPTO.ENCRYPT_AES128;

                        

     BEGIN

  key_bytes_raw:=UTL_RAW.CAST_TO_RAW(EncKey);

  l_decrypted_raw := dbms_crypto.decrypt

  (src =>utl_raw.cast_to_raw(EncryptedText),

  typ => encryption_type,

  key => key_bytes_raw

  );   

 

 

    RETURN (UTL_RAW.CAST_TO_VARCHAR2 (l_decrypted_raw));

   END decryptAES;

/

Thanks and Regards

Rithesh Krishnan

  • 1. Re: AES128 encryption Compatible with Oracle  and C#
    Etbin Guru
    Currently Being Moderated

    check http://docs.oracle.com/cd/E11882_01/appdev.112/e25788/d_crypto.htm#ARPLS65669

     

    Restrictions

    The VARCHAR2 datatype is not directly supported by DBMS_CRYPTO. Before you can perform cryptographic operations on data of the type VARCHAR2, you must convert it to the uniform database character set AL32UTF8, and then convert it to the RAW datatype. After performing these conversions, you can then encrypt it with the DBMS_CRYPTO package.

     

    To retrieve original plaintext data, DECRYPT must be called with the same cipher, modifiers, key, and IV that was used to encrypt the data originally.

     

    Regards

     

    Etbin

  • 2. Re: AES128 encryption Compatible with Oracle  and C#
    AlbertoFaenza Expert
    Currently Being Moderated

    Hi,

     

    do you have any particular reason to use DETERMINISTIC for this function?

     

    For your problem please read Re: 2. How do I ask a question on the forums?

    Once you have read it please provide information to be able to reproduce your problem.

     

    Since the key is created in dot net, could you please provide some EncryptedText and EncKey values?

     

    One issue could be related to the conversion VARCHAR2 to RAW. The Oracle docs are saying:

     

    Conversion Rules

    • To convert VARCHAR2 to RAW, use the UTL_I18N.STRING_TO_RAWfunction to perform the following steps:
    • Syntax example:

      UTL_I18N.STRING_TO_RAW (string, 'AL32UTF8'); 
      1. Convert VARCHAR2 in the current database character set to VARCHAR2 in the AL32UTF8 database character.

      2. Convert VARCHAR2 in the AL32UTF8 database character set to RAW.
    • To convert RAW to VARCHAR2, use the UTL_I18N.RAW_TO_CHARfunction to perform the following steps:

      Syntax example:

      UTL_I18N.RAW_TO_CHAR (data, 'AL32UTF8')
      1. Convert RAW to VARCHAR2 in the AL32UTF8 database character set.

      2. Convert VARCHAR2 in the AL32UTF8 database character set to VARCHAR2 in the database character set you wish to use.

    Regards.

    Al

  • 3. Re: AES128 encryption Compatible with Oracle  and C#
    user10819707 Newbie
    Currently Being Moderated

    Hello Alberto,

     

    Thanks for the reply.

     

    The test values are :

     

    String for encryption : Revolution

    String After Encryption : EAAAAA5dmZ3uslfC0vlPgaWn2yMtTtlfGIzcb//YWiKistRl

    Key used for Encryption : o6806642kbM7c5o6

     

    Dot Net Code used for Encrypting the String.

    -----------------------------------------------------------------------

    public static string EncryptStringAES(string plainText, string sharedSecret)

            {

                if (string.IsNullOrEmpty(plainText))

                    throw new ArgumentNullException("plainText");

                if (string.IsNullOrEmpty(sharedSecret))

                    throw new ArgumentNullException("sharedSecret");

     

                string outStr = null;                       // Encrypted string to return

                AesManaged  aesAlg = null;            

                

                try

                {

                    byte[] keyvalue = Encoding.UTF8.GetBytes(sharedSecret);

                    aesAlg = new AesManaged();

                    aesAlg.Key = keyvalue;

                    aesAlg.BlockSize = 128;

                    aesAlg.Padding = PaddingMode.Zeros;

                    aesAlg.Mode = CipherMode.CBC;

                    ICryptoTransform encryptor = aesAlg.CreateEncryptor(aesAlg.Key, aesAlg.IV);

                   

                    using (MemoryStream msEncrypt = new MemoryStream())

                    {

                        // prepend the IV

                        msEncrypt.Write(BitConverter.GetBytes(aesAlg.IV.Length), 0, sizeof(int));

                        msEncrypt.Write(aesAlg.IV, 0, aesAlg.IV.Length);

     

                        using (CryptoStream csEncrypt = new CryptoStream(msEncrypt, encryptor, CryptoStreamMode.Write))

                        {

                            using (StreamWriter swEncrypt = new StreamWriter(csEncrypt))

                            {

                                //Write all data to the stream.

                                swEncrypt.Write(plainText);

                            }

                        }

                        outStr = Convert.ToBase64String(msEncrypt.ToArray());

                    }

                }

                finally

                {

                   

                    if (aesAlg != null)

                        aesAlg.Clear();

                }

     

                // Return the encrypted bytes from the memory stream.

                return outStr;

            }

     

    I hope that this information would be useful to you..

     

    Thanks and Regards,

    Rithesh Krishnan

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 5 points