Re: Storing encrypted strings in a password column

Jurgen

All character data type fields are converted by Oracle when passed through SQL*Net from one "locale" character set to another (typically client to server or visa versa) (set information on NLS settings in the manuals for more details). If you are storing an encrypted string I'd take a guess and suggest it is not true character data after encryption but more likely binary data i.e. the charcters have been encrypted into binary. You would be better storing it in a raw or blob where no "character conversion" occurs.

Andy

"Jurgen Lindt" <nospam_at_nospam.com> wrote in message news:58gg9.10921$1C2.877880_at_bgtnsc04-news.ops.worldnet.att.net...
> Hello,
>
> I am trying to store an encrypted string into a VARCHAR2 column in Oracle
 8i
> for Solaris. The problem is (without actually having the string to show
> you), when I do a:
>
> SELECT '<binary character string>' FROM DUAL
>
> ...the result comes back with "?"s at specific points in the string -
 always
> at the same location. If I store the binary string in the column using an
> UPDATE statement, upon running a SELECT, it comes back as showing the same
> string.
>
> If I run:
>
> SELECT ASCII( SUBSTR( PASSWORD, 1, 1 ) ) FROM <table> WHERE <criteria>
>
> It shows me 63, which is the ASCII value for a question mark, not the same
> character that I originally stored. So from what I can see, something
> (SQLNet, OCI?) is translating certain characters in the string to "?"s
> before Oracle gets it, then Oracle is storing the translated version.
>
> Has anyone experienced this?
>
> JL
>
>
>
Received on Fri Sep 13 2002 - 02:43:46 CDT