Oracle DBMS_CRYPTO.ENCRYPT initialization vector length for AES25MS

Time: 2022-04-30 15:32:18

Is there a minimum/max length for the initialization vector when using the DBMS_CRYPTO.ENCRYPT proc? I get the error below:

ORA-28817: PL/SQL function returned an error.
ORA-06512: at "SYS.DBMS_CRYPTO_FFI", line 3
ORA-06512: at "SYS.DBMS_CRYPTO", line 13
ORA-06512: at "Test_Encryption", line 14
ORA-06512: at line 3

The code generating this error is as follows:

raw_encrypted_token := DBMS_CRYPTO.ENCRYPT( src => UTL_I18N.STRING_TO_RAW( input_token, 'AL32UTF8' ),
                                            typ => encryption_type,
                                            key => key_raw_form,
                                            iv => hextoraw('0123456789ABCDEF') );

When I change the key from 16 to 32 bytes I have no issues. However, I am experimenting decoding in Java using the Cipher object and the initialization vector can only be 16 bytes long. Any suggestions as to how I can solve the initialization vector issue in the pl/sql?

1 solution

#1


3  

For most block cipher modes of operation the initialization vector should have the same length as the block size. For AES, this is 128 bit = 16 bytes.

Your code

hextoraw('0123456789ABCDEF')

actually produces a 16·4=64-bit value, since each hexadecimal digit corresponds to 4 bits, not to an 8 bit byte. So a 32 hex-digit string is the right length for a 128-bit initialization vector.

On another note, you should not use a hard-coded initialization vector if you use the same key for each record. For security purposes, each record should be encrypted with its own initialization vector - preferably a random one, though depending on the mode of operation (i.e. CTR), a unique one could be enough (if you let some space between consecutive ones).
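
The advice in the answer above, as an added example that is not part of the original post: a fresh 16-byte IV per record from DBMS_CRYPTO.RANDOMBYTES, stored in front of the ciphertext so the reader can recover it. Assumptions: AES-256 in CBC mode with PKCS5 padding (the page does not state the mode), a throwaway random key, a constructed sample token, and the hypothetical name stored_value; the other variable names follow the question.

```plsql
-- Added example, not the asker's code. Run with SET SERVEROUTPUT ON.
DECLARE
  input_token         VARCHAR2(200) := 'constructed sample token';
  -- Assumed mode: AES-256 / CBC / PKCS5 padding.
  encryption_type     PLS_INTEGER := DBMS_CRYPTO.ENCRYPT_AES256
                                   + DBMS_CRYPTO.CHAIN_CBC
                                   + DBMS_CRYPTO.PAD_PKCS5;
  key_raw_form        RAW(32) := DBMS_CRYPTO.RANDOMBYTES(32);  -- demo key only
  iv_raw              RAW(16);
  raw_encrypted_token RAW(2000);
  stored_value        RAW(2000);  -- hypothetical name: IV || ciphertext
  raw_decrypted_token RAW(2000);
BEGIN
  -- 16 hex digits decode to 8 bytes, which is why the original IV was too short.
  DBMS_OUTPUT.PUT_LINE('Old IV bytes: '
      || UTL_RAW.LENGTH(HEXTORAW('0123456789ABCDEF')));

  -- One random IV per record, exactly one AES block (16 bytes) long.
  iv_raw := DBMS_CRYPTO.RANDOMBYTES(16);
  IF UTL_RAW.LENGTH(iv_raw) != 16 THEN
    RAISE_APPLICATION_ERROR(-20001, 'IV must be 16 bytes for AES');
  END IF;

  raw_encrypted_token := DBMS_CRYPTO.ENCRYPT(
      src => UTL_I18N.STRING_TO_RAW(input_token, 'AL32UTF8'),
      typ => encryption_type,
      key => key_raw_form,
      iv  => iv_raw);

  -- The IV is not secret; store it with the record so it can be decrypted later.
  stored_value := UTL_RAW.CONCAT(iv_raw, raw_encrypted_token);

  -- Round trip: split the stored value back into IV (bytes 1-16) and ciphertext.
  raw_decrypted_token := DBMS_CRYPTO.DECRYPT(
      src => UTL_RAW.SUBSTR(stored_value, 17),
      typ => encryption_type,
      key => key_raw_form,
      iv  => UTL_RAW.SUBSTR(stored_value, 1, 16));

  DBMS_OUTPUT.PUT_LINE('New IV bytes: ' || UTL_RAW.LENGTH(iv_raw));
  DBMS_OUTPUT.PUT_LINE('Round trip:   '
      || UTL_I18N.RAW_TO_CHAR(raw_decrypted_token, 'AL32UTF8'));
END;
/
```

On the Java side, the first 16 bytes of the stored value would go into an IvParameterSpec and the remainder into a Cipher created with "AES/CBC/PKCS5Padding", under the same mode assumption.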
