一旦 JavaScript 中的 cryptoJS 和 Oracle PL/SQL 中的 dbms_crypto 不兼容,尤其是在使用 Pkcs7 加密时,以下代码显示了如何做到这一点。答案在这里:
Javascript
var AesUtil = function() {};
AesUtil.prototype.encrypt = function(key, iv, plainText) {
var encrypted = CryptoJS.AES.encrypt(
plainText,
CryptoJS.enc.Base64.parse(key),
{ iv: CryptoJS.enc.Utf8.parse(iv), mode: CryptoJS.mode.CBC, padding: CryptoJS.pad.Pkcs7 });
return encrypted.ciphertext.toString(CryptoJS.enc.Base64);
}
AesUtil.prototype.decrypt = function(key, iv, cipherText) {
var cipherParams = CryptoJS.lib.CipherParams.create({
ciphertext: CryptoJS.enc.Base64.parse(cipherText)
});
var decrypted = CryptoJS.AES.decrypt(
cipherParams,
CryptoJS.enc.Base64.parse(key),
{ iv: CryptoJS.enc.Utf8.parse(iv), mode: CryptoJS.mode.CBC, padding: CryptoJS.pad.Pkcs7 });
return decrypted.toString(CryptoJS.enc.Utf8);
}
PL/SQL
create or replace package encrypt_decrypt_pk as
-- Created by Abdullah Zabarah 19/09/2020
-- grant execute on sys.dbms_crypto to <Your Schema>; -- Using sysdba
function fn_encrypt(a_text in varchar2, a_key varchar2, a_iv varchar2) return varchar2;
function fn_decrypt(a_token in varchar2, a_key varchar2, a_iv varchar2) return varchar2;
end encrypt_decrypt_pk;
/
create or replace package body encrypt_decrypt_pk as
-- Created by Abdullah Zabarah 19/09/2020
-- grant execute on sys.dbms_crypto to <Your Schema>; -- Using sysdba
function fn_encrypt(a_text in varchar2, a_key varchar2, a_iv varchar2)
return varchar2
as
encryption_type pls_integer :=
dbms_crypto.encrypt_aes128
+ dbms_crypto.chain_cbc
+ dbms_crypto.pad_pkcs5;
begin
return utl_raw.cast_to_varchar2(utl_encode.base64_encode(dbms_crypto.encrypt(
src => utl_raw.cast_to_raw(a_text),
typ => encryption_type,
key => utl_encode.base64_decode(utl_raw.cast_to_raw(a_key)),
iv => utl_raw.cast_to_raw(a_iv)
)));
end;
function fn_decrypt(a_token in varchar2, a_key varchar2, a_iv varchar2)
return varchar2
as
encryption_type pls_integer :=
dbms_crypto.encrypt_aes128
+ dbms_crypto.chain_cbc
+ dbms_crypto.pad_pkcs5;
begin
return utl_raw.cast_to_varchar2(dbms_crypto.decrypt(
src => utl_encode.base64_decode(utl_raw.cast_to_raw(a_token)),
typ => encryption_type,
key => utl_encode.base64_decode(utl_raw.cast_to_raw(a_key)),
iv => utl_raw.cast_to_raw(a_iv)
));
end;
end encrypt_decrypt_pk;
/