试图在java中删除oracle过程DBMS_OBFUSCATION_TOOLKIT.DESDECRYPT

Question

为了减少对DB的调用次数，我尝试将此代码修改为java：

--set serveroutput on
declare
  l_aux        NUMBER;
  l_cle        RAW(9) := utl_raw.cast_to_raw('example21');
  l_crypt_raw  VARCHAR2(200);
  l_crypt_str  VARCHAR2(200);  
  p_txt_desencrip varchar2(200):='8387F8937F5F842F805C44B88429D2CD';
BEGIN
  l_crypt_raw := utl_raw.cast_to_raw(utl_raw.cast_to_varchar2( p_txt_desencrip));

  DBMS_OBFUSCATION_TOOLKIT.DESDECRYPT ( input          =>  p_txt_desencrip
                                           , key            =>  l_cle
                                           , decrypted_data =>  l_crypt_raw 
                                           );

  l_crypt_str := utl_raw.cast_to_varchar2(l_crypt_raw);

  l_aux := LENGTH(l_crypt_str);

  l_crypt_str := RPAD(l_crypt_str,l_aux-ASCII(SUBSTR(l_crypt_str,l_aux)));
  DBMS_OUTPUT.PUT_LINE('Decypted message->' ||  l_crypt_str); 

END;

我已经看到了所有解决这一任务的脚本，但无论如何，我的主要问题是，我的钥匙有9个字符。以下是我的java代码：

import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
 
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;

import com.sun.mail.util.BASE64DecoderStream;
import com.sun.mail.util.BASE64EncoderStream;
 
public class Test{
 
    private static Cipher ecipher;
    private static Cipher dcipher;
 
    private static SecretKey key;
 
    public static void main(String[] args) {
 
        try {
            String clave =  "example21";
            // generate secret key using DES algorithm
            SecretKey key2 = new SecretKeySpec(clave.getBytes(), 0, 9, "DES");

            ecipher = Cipher.getInstance("DES");
            dcipher = Cipher.getInstance("DES");
             
            // initialize the ciphers with the given key
             
            ecipher.init(Cipher.ENCRYPT_MODE, key2);
                     
            dcipher.init(Cipher.DECRYPT_MODE, key2);
                     
            String encrypted = encrypt("text to encrypt");
            System.out.println(encrypted);
            String decrypted = decrypt(encrypted);
            System.out.println("Decrypted: " + decrypted);
        }catch (NoSuchAlgorithmException e) {
            System.out.println("No Such Algorithm:" + e.getMessage());
            return;
        }
        catch (NoSuchPaddingException e) {
            System.out.println("No Such Padding:" + e.getMessage());
            return;
        }
        catch (InvalidKeyException e) {
            System.out.println("Invalid Key:" + e.getMessage());
            return;
        }
    }
 
    public static String encrypt(String str) {
 
        try {
            // encode the string into a sequence of bytes using the named charset
            // storing the result into a new byte array. 
            byte[] utf8 = str.getBytes("UTF8");
            byte[] enc = ecipher.doFinal(utf8);
            // encode to base64
            enc = BASE64EncoderStream.encode(enc);
            return new String(enc);
        }catch (Exception e) {
            e.printStackTrace();
        }
        return null;
    }
 
    public static String decrypt(String str) {
 
        try {
            // decode with base64 to get bytes
            byte[] dec = BASE64DecoderStream.decode(str.getBytes());
            byte[] utf8 = dcipher.doFinal(dec);
            // create new string based on the specified charset
            return new String(utf8, "UTF8");
        } catch (Exception e) {
            e.printStackTrace();
        }
        return null;
    }
 
}

我尝试过不同的方法和算法，但我总是得到错误的“无效密钥:错误的密钥大小”.

有什么建议我应该试试吗？

提前感谢！

Answer 1

• Firstly， DBMS_OBFUSCATION_TOOLKIT被废弃，不应该是used.
• Secondly，DES，它在20多年前就被破坏了，不应该再被使用了。

至于你的问题。关于关键参数，DBMS_OBFUSCATION_TOOLKIT.DESDECRYPT的文档有以下内容：

如果键长度丢失或小于8个字节，则该过程将引发错误ORA-28234“键长度太短”。注意，如果使用较大的键，则会忽略额外的字节。，这样一个9字节的键就不会生成异常.

因此，Java只是对密钥进行了更多的验证。