John Davidson

encryption - PL/SQL and PHP encode encrypt returning different value

0 comments
Message:


PHP
result RWOorls4A/WOiWnGkNT1ZA==


    <?php
$str= "1668621";
$password="1987";
$encrypted_string=openssl_encrypt($str,"AES-128-ECB",$password);

PLSQL
result 0E805DCF65571F4AAB898328B51B4034


 DECLARE
input_string VARCHAR2(50):= '1668621';
encryption_key raw(32);
encrypted_string raw(2000);
encryption_type pls_integer := DBMS_CRYPTO.ENCRYPT_AES128 + DBMS_CRYPTO.CHAIN_ECB + DBMS_CRYPTO.PAD_PKCS5;


BEGIN

-- First the key is hashed with md5 to make it a 128bit key:
encryption_key := DBMS_CRYPTO.Hash(utl_raw.cast_to_raw('1987'), DBMS_CRYPTO.HASH_MD5);

encrypted_string := DBMS_CRYPTO.ENCRYPT(
src => utl_raw.cast_to_raw(input_string), typ => encryption_type, key => encryption_key);


Is there a way to get same result in php and in PL/SQL?



My Answer:
Yes, the difference in the results is due to the different encryption algorithms and padding used in PHP and PL/SQL. To get the same result in both languages, you need to make sure that you are using the same encryption algorithm and padding.

In this case, you are using AES-128-ECB in PHP and AES-128-ECB with PKCS5 padding in PL/SQL. To get the same result, you can change the encryption type in PL/SQL to use ECB mode with no padding. Here is the updated PL/SQL code:

sql
DECLARE
input_string VARCHAR2(50):= '1668621';
encryption_key raw(16);
encrypted_string raw(2000);
encryption_type pls_integer := DBMS_CRYPTO.ENCRYPT_AES128 + DBMS_CRYPTO.CHAIN_ECB + DBMS_CRYPTO.NO_PADDING;

BEGIN

-- First the key is hashed with md5 to make it a 128bit key:
encryption_key := DBMS_CRYPTO.Hash(utl_raw.cast_to_raw('1987'), DBMS_CRYPTO.HASH_MD5);

encrypted_string := DBMS_CRYPTO.ENCRYPT(
src => utl_raw.cast_to_raw(input_string), typ => encryption_type, key => encryption_key);

END;
/


With this change, both PHP and PL/SQL should now produce the same encrypted result for the given input string and encryption key.

Rate this post

3 of 5 based on 2844 votes

Comments




© 2024 Hayatsk.info - Personal Blogs Platform. All Rights Reserved.
Create blog  |  Privacy Policy  |  Terms & Conditions  |  Contact Us