dbms_crypto 和一个 Powershell
dbms_crypto and a Powershell
谁能帮我编写在 Oracle 中加密字符串并使用 powershell 解密的代码? AES、DES,两者都行。我觉得我很接近但缺少一些东西...
另请参阅此 post:Convert encryption / decryption function in PowerShell to PHP (openssl_)
使用 Powershell 加密,我可以将“这是一个秘密”变成“AEe2LSdmwi79UYduDZS7Mg=”。下面将其解密。但是如何在 Oracle 中进行加密?
function DecryptDES
{
Param(
[String] $encrypted,
[byte[]] $Key,
[byte[]] $Iv
)
[byte[]]$NewStr = [System.Convert]::FromBase64String($encrypted)
$tdsAlg = New-Object System.Security.Cryptography.DESCryptoServiceProvider
$tdsAlg.Key = $Key
$tdsAlg.IV = $Iv
$encrypt = $tdsAlg.CreateDecryptor($tdsAlg.Key, $tdsAlg.IV)
$msEncrypt = New-Object System.IO.MemoryStream @(,$NewStr)
$csEncrypt = New-Object System.Security.Cryptography.CryptoStream $msEncrypt, $encrypt, "Read"
$swEncrypt = New-Object System.IO.StreamReader $csEncrypt
[String]$result = $swEncrypt.ReadToEnd()
$swEncrypt.Close()
$csEncrypt.Close()
$msEncrypt.Close()
$encrypt.Clear()
return $result;
}
$enc = [system.Text.Encoding]::UTF8
$string1 = "PeShVmYq"
$data1 = $enc.GetBytes($string1)
$dec = DecryptDES -encrypted 'AEe2LSdmwi79UYduDZS7Mg==' -Key $data1 -Iv $data1
Write-Host $dec
到目前为止我有这个 Oracle SQL:
select
dbms_crypto.Encrypt(
src => UTL_RAW.CAST_TO_RAW('Its a secret'),
typ => 4353,
key => UTL_ENCODE.BASE64_DECODE(UTL_RAW.CAST_TO_RAW('PeShVmYq')),
iv => UTL_ENCODE.BASE64_DECODE(UTL_RAW.CAST_TO_RAW('PeShVmYq')))
from dual
输出:
F480D03A9564CAAD0CD815EA1524B6B7
您需要将密钥和 IV 保留为 RAW,而不是对它们进行 base64 编码;然后 base64 编码加密调用的结果;最后将该 RAW 转换回字符串:
select
utl_raw.cast_to_varchar2(
utl_encode.base64_encode(
dbms_crypto.encrypt(
src => utl_raw.cast_to_raw('Its a secret'),
typ => 4353,
key => utl_raw.cast_to_raw('PeShVmYq'),
iv => utl_raw.cast_to_raw('PeShVmYq')
)
)
) as encrypted
from dual;
ENCRYPTED
----------------------------------------------------------------
AEe2LSdmwi79UYduDZS7Mg==
由于您在 PowerShell 脚本中指定了 UTF-8,而且通常确实如此,最好也使用特定字符集进行 RAW/string 转换:
select
utl_i18n.raw_to_char(
utl_encode.base64_encode(
dbms_crypto.encrypt(
src => utl_i18n.string_to_raw(data => 'Its a secret', dst_charset => 'AL32UTF8'),
typ => 4353,
key => utl_i18n.string_to_raw(data => 'PeShVmYq', dst_charset => 'AL32UTF8'),
iv => utl_i18n.string_to_raw(data => 'PeShVmYq', dst_charset => 'AL32UTF8')
)
),
src_charset => 'AL32UTF8'
) as encrypted
from dual;
得到相同的结果。
仅供参考,typ值4353(0x1101)来自:
dbms_crypto.encrypt_des + dbms_crypto.chain_cbc + dbms_crypto.pad_pkcs5
AES256 等价物为 4360;但您还需要更长的密钥。
谁能帮我编写在 Oracle 中加密字符串并使用 powershell 解密的代码? AES、DES,两者都行。我觉得我很接近但缺少一些东西...
另请参阅此 post:Convert encryption / decryption function in PowerShell to PHP (openssl_)
使用 Powershell 加密,我可以将“这是一个秘密”变成“AEe2LSdmwi79UYduDZS7Mg=”。下面将其解密。但是如何在 Oracle 中进行加密?
function DecryptDES
{
Param(
[String] $encrypted,
[byte[]] $Key,
[byte[]] $Iv
)
[byte[]]$NewStr = [System.Convert]::FromBase64String($encrypted)
$tdsAlg = New-Object System.Security.Cryptography.DESCryptoServiceProvider
$tdsAlg.Key = $Key
$tdsAlg.IV = $Iv
$encrypt = $tdsAlg.CreateDecryptor($tdsAlg.Key, $tdsAlg.IV)
$msEncrypt = New-Object System.IO.MemoryStream @(,$NewStr)
$csEncrypt = New-Object System.Security.Cryptography.CryptoStream $msEncrypt, $encrypt, "Read"
$swEncrypt = New-Object System.IO.StreamReader $csEncrypt
[String]$result = $swEncrypt.ReadToEnd()
$swEncrypt.Close()
$csEncrypt.Close()
$msEncrypt.Close()
$encrypt.Clear()
return $result;
}
$enc = [system.Text.Encoding]::UTF8
$string1 = "PeShVmYq"
$data1 = $enc.GetBytes($string1)
$dec = DecryptDES -encrypted 'AEe2LSdmwi79UYduDZS7Mg==' -Key $data1 -Iv $data1
Write-Host $dec
到目前为止我有这个 Oracle SQL:
select
dbms_crypto.Encrypt(
src => UTL_RAW.CAST_TO_RAW('Its a secret'),
typ => 4353,
key => UTL_ENCODE.BASE64_DECODE(UTL_RAW.CAST_TO_RAW('PeShVmYq')),
iv => UTL_ENCODE.BASE64_DECODE(UTL_RAW.CAST_TO_RAW('PeShVmYq')))
from dual
输出:
F480D03A9564CAAD0CD815EA1524B6B7
您需要将密钥和 IV 保留为 RAW,而不是对它们进行 base64 编码;然后 base64 编码加密调用的结果;最后将该 RAW 转换回字符串:
select
utl_raw.cast_to_varchar2(
utl_encode.base64_encode(
dbms_crypto.encrypt(
src => utl_raw.cast_to_raw('Its a secret'),
typ => 4353,
key => utl_raw.cast_to_raw('PeShVmYq'),
iv => utl_raw.cast_to_raw('PeShVmYq')
)
)
) as encrypted
from dual;
ENCRYPTED
----------------------------------------------------------------
AEe2LSdmwi79UYduDZS7Mg==
由于您在 PowerShell 脚本中指定了 UTF-8,而且通常确实如此,最好也使用特定字符集进行 RAW/string 转换:
select
utl_i18n.raw_to_char(
utl_encode.base64_encode(
dbms_crypto.encrypt(
src => utl_i18n.string_to_raw(data => 'Its a secret', dst_charset => 'AL32UTF8'),
typ => 4353,
key => utl_i18n.string_to_raw(data => 'PeShVmYq', dst_charset => 'AL32UTF8'),
iv => utl_i18n.string_to_raw(data => 'PeShVmYq', dst_charset => 'AL32UTF8')
)
),
src_charset => 'AL32UTF8'
) as encrypted
from dual;
得到相同的结果。
仅供参考,typ值4353(0x1101)来自:
dbms_crypto.encrypt_des + dbms_crypto.chain_cbc + dbms_crypto.pad_pkcs5
AES256 等价物为 4360;但您还需要更长的密钥。