Re: [8.1.7] Anyone using the DBMS_OBFUSCATION_TOOLKIT.MD5 function ?

In article <9tb77q$1deu4$1_at_ID-18487.news.dfncis.de>, davide_at_yahoo.com says...
>
>Thomas Kyte <tkyte_at_us.oracle.com> wrote:
>> o I wouldn't call it "crypt", its a digest. crypt implies decrypt and
>> its not decryptable. its a one way digest
>
>I'll keep this in mind, but was just a fast test, so I didn't care a lot
>about the function name.
>
>> o i wouldn't substr the input string
>
>The problem is that the string *must be* 32 char at max, and was also
>a (desperate) try to force the PL/SQL interpreter to pick the right
>function... it didn't worked anyway.
>
>> You'll want to send in the user/password together so that different
>> people using
>
>Unfortunately I have to send only the password (I know that sucks, but
>this is the requirement).
>
>> o you do not need to substr the return result. The digest is always a
>> varchar2(16)
>
>Well, by my test is returning a varchar2(4000)...
>

That is your FUNCTION - your function returns a varchar2(4000). dbms_obfuscation_toolkit.md5 returns a:

    FUNCTION MD5(input_string    IN     VARCHAR2)
        RETURN varchar2_checksum;

which is defined as:

    SUBTYPE varchar2_checksum IS VARCHAR2(16);

You have to substr your CALL to the function to constrain it -- you cannot return a substr to constrain it.

so, you need to call:

   substr( your_function ...., 1, 16 );

not have your_function return a substr. All user defined functions return a varchar2(4000) if they return a varchar2 (it is just known that md5 will return only 16 character -- so your substr was not needed)
>Thnks.

--
Thomas Kyte (tkyte@us.oracle.com)             http://asktom.oracle.com/ 
Expert one on one Oracle, programming techniques and solutions for Oracle.
http://www.amazon.com/exec/obidos/ASIN/1861004826/  
Opinions are mine and do not necessarily reflect those of Oracle Corp