| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
 |
 | |||
| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
|
| |||
Home -> Community -> Usenet -> c.d.o.server -> Re: Encrypted passwords
In article <5b51e988.0410081007.4ba9aba7_at_posting.google.com>, scott says...
>
>Hi,
>
>I'm having a problem with encrypted fields while doing an database
>export from an 8.1.6 to a 9i database. The fields are encrypted fine
>on the original, and when I decrypt using my known key, the value is
>fine. On the new database, the encrypted value is exactly the same as
>the one on the 8.1.6 database, and the key being used is the same, but
>the result from decrypting is not the same. I'm using the package
>DBMS_OBFUSCATION_TOOLKIT, which should technically use the DES
>algorithm, and thus with the same key value, the result should be the
>same.
>
>If I re-encrypt a new password into the new database, and attempt the
>exact same decryption, it works fine. It's almost like their is some
>sort of underlying constant value that applies to that specific
>database only.
>
>Does anyone know how I can process this export without having to
>decrypt all of the passwords and then re-encrypt them in the new
>database?
There was a bug in 8.1.6 which caused the encryption to be done incorrectly. Unfortunately, fixing it caused the encryption engine to produce different values.
The toolkit does not tag the encrypted value with the version of the package that encrypted it, so there is no way for the target database to determine that the older version of the encryption engine needs to be done.
The upshot is that you'll need to decrypt the passwords and then re-encrypt them on the new database.
Rick
--
Rick Wessman
Oracle Corporation
The opinions expressed above are mine and do not necessarily reflect
those of Oracle Corporation.
Received on Mon Oct 11 2004 - 04:14:19 CDT
 |
 |