0

I have a column ID in oracle which was encrypted like this :

select CAST(DBMS_CRYPTO.encrypt(UTL_RAW.CAST_TO_RAW('SECRETSTRING'), 4356 , 'SOMEKEY') AS VARCHAR2(100 char)) as temp from dual;

Now i am reading this table in python using pandas. Now I want to decrypt this in python. I tried several ways, but I am unable decrypt it

Following are the things which I tried:

1)

from Cryptodome.Cipher import AES
from Cryptodome.Random import get_random_bytes

def decrypty(enc):
    unpad = lambda s: s[:-ord(s[-1:])]
    enc = base64.b64decode(enc)
    iv = enc[:AES.block_size]
    cipher = AES.new(__key__, AES.MODE_CFB, iv)
    return unpad(base64.b64decode(cipher.decrypt(enc[AES.block_size:])).decode('utf8'))

this threw an error : binascii.Error: Invalid base64-encoded string: number of data characters (1) cannot be 1 more than a multiple of 4

2)

from Crypto.Cipher import AES
from Crypto import Random

def decrypt(key, enc):
    enc = base64.b64decode(enc)
    iv = enc[:16]
    cipher = AES.new(key, AES.MODE_CBC, iv)
    return unpad(cipher.decrypt(enc[16:]), block_size=16)

This threw an error related to padding.

Basically if something is encrypted in DB with a key, using the same key I am unable to decrypt it in python. any pointers ?

Improve this question
3
  • 4356 is a meaningless magic number in your code. What encryption algorithm is the equivalent for that number? Commented Apr 7, 2022 at 7:59
  • 4356 appears to be dbms_crypto.encrypt_aes + dbms_crypto.pad_pkcs5 + dbms_crypto.chain_cbc. Commented Apr 7, 2022 at 8:24
  • I didn't find any documentation related to the magic numbers. But this thread has some info stackoverflow.com/questions/32472691/…. And yes its dbms_crypto.encrypt_aes + dbms_crypto.pad_pkcs5 + dbms_crypto.chain_cbc Commented Apr 7, 2022 at 10:34

1 Answer 1

Reset to default
0

If the database did the encryption I for sure would advice to use the database again for the decryption too, if possible at all.

If it is not possible to use the database for both the encryption and decryption, put them both in the python code.

Keep the code for en/de-cryption close and make the use the same bugs. Also: what is the reason for the encryption? Maybe that data is not meant to be readable for your application.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

The idea was.. we read the data from db (using select query with dbms_cryto functions on few columns) , then we generate a file and send it to users. They would use that file for some predictive analysis and send us back a file. Then i would decrypt the same

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.