aes_encrypted string doesn't match original after aes_decrypt
Posted by: Chris Russell
Date: August 21, 2013 08:46AM

Hi All,

I'm trying to convert a bunch of passwords in my DB from one encryption method (DES) to another (AES). What I'm finding is that I can decrypt the original string, re-encrypt it using aes_encrypt (via a function call) but if I then call aes_decrypt I don't always get back the original string. Here are some code snippets:

public static final String AES_KEY = "mf3OIRkLFe2xLuPIARGHnCHzzuGb4Rnh4Qp9DKKn8qkyRjCT";

Encrypt method:
String stmt = "{? = CALL AES_ENCRYPT(?, ?)}";
CallableStatement cstmt = conn.prepareCall(stmt);
cstmt.setString(2, clearString);
cstmt.setString(3, AES_KEY);
cstmt.registerOutParameter(1, Types.VARBINARY);
byte[] varbinary = cstmt.getBytes(1);
String encString = new String(varbinary);
return encString;

Decrypt method:
String stmt = "{? = CALL AES_DECRYPT(?, ?)}";
CallableStatement cstmt = conn.prepareCall(stmt);
cstmt.setString(2, str);
cstmt.setString(3, AES_KEY);
cstmt.registerOutParameter(1, Types.VARCHAR);
String clearString = cstmt.getString(1);
return clearString;

I've tried several different key lengths (multiples of 8 chars) and varieties, including sending the key as a String or a Byte array.
Roughly 20% of my strings won't decrypt correctly but it's never the same 20% depending on which key I use.

I would like to use the aes function calls as a PHP process will be creating my users rows with their passwords.

Any help is greatly appreciated!
TIA... Chris

Options: ReplyQuote

Written By
aes_encrypted string doesn't match original after aes_decrypt
August 21, 2013 08:46AM

Sorry, you can't reply to this topic. It has been closed.

Content reproduced on this site is the property of the respective copyright holders. It is not reviewed in advance by Oracle and does not necessarily represent the opinion of Oracle or any other party.