SHA512 hash in Oracle PLSQL vs Node.js-CodePudding

I need to get a hash in Ora PL-SQL thats the same as it is in Node.js using crypto module. In PLSQL im using integrated dbms_crypto.hash function. There is also dbms_crypto.mac function but i cant use it since there is no additional secret to use for hashing.

All 3 methods i've tried returned different results from Node crypto module.

  declare   
   v_body varchar2(1000):= 'myteststring';
   v_hash varchar2(1000); 
  begin
--1 method
 SELECT  sys.dbms_crypto.hash( utl_raw.cast_to_raw(v_body),  DBMS_CRYPTO.HASH_SH512 ) 
 INTO v_hash
 FROM dual; 
 dbms_output.put_line(lower((v_hash)));
 --result:516e7933c5ecd0721cd91cdbe341834ffe775bb32a223faa5c564d3ddf0b3069bdebfde2f07b642bad5f1351ec913247c737855ba8adf03cb56adc76ca3c8722
 
 --2 method
 SELECT standard_hash (utl_raw.cast_to_raw(v_body), 'SHA512')
 INTO v_hash
 FROM dual; 
 dbms_output.put_line(lower(v_hash));
 --result:516e7933c5ecd0721cd91cdbe341834ffe775bb32a223faa5c564d3ddf0b3069bdebfde2f07b642bad5f1351ec913247c737855ba8adf03cb56adc76ca3c8722

 --3 method
 SELECT standard_hash (rawtohex(v_body), 'SHA512')
 INTO v_hash
 FROM dual; 
 dbms_output.put_line(lower((v_hash)));
 --result:7dcaa1fd7e41a572158ec8a3742599f9e34ddd33d649e1952223780863ee66a6722ad93091cc6e42f53e16f896e130ac4e28794affde34819e32e77873c2ed46
 end;

In Node.js code is simple and looks like this (this is other side and cant change this):

const crypto = require('crypto');
var mystring = 'myteststring';
var hash = crypto.createHmac('sha512',mystring).digest('hex');
console.log(hash);
//22e6584b717cff0f6180bf988c5ebf0bbb0bc1959bbb911a203f9188971fc2de93b6c83465501747d1cde6f6efaf0b37d4ac278bcd3bb6fe662d3e9f7e0ae50c

Im not sure what im doing wrong, or this Ora function works different. I've also tried changing type of parameters (clob/varchar). Ora result is in hex as its in Node. Thanks in any advance!

CodePudding user response：

In Node.js, you are using createHmac rather than createHash.

If you use:

const crypto = require('crypto');
var mystring = 'myteststring';
var hash = crypto.createHash('sha512').update(mystring).digest('hex');
console.log(hash);

Then the output is:

516e7933c5ecd0721cd91cdbe341834ffe775bb32a223faa5c564d3ddf0b3069bdebfde2f07b642bad5f1351ec913247c737855ba8adf03cb56adc76ca3c8722

Which matches the output of your first two Oracle queries.

If you want to generate a HMAC then in Node.js you want:

const crypto = require('crypto');
var mystring = 'myteststring';
var secret = 'mysecret';
var hash = crypto.createHmac('sha512', secret).update(mystring).digest('hex');
console.log(hash);

and in Oracle, you want (untested):

DECLARE
  v_body varchar2(1000):= 'myteststring';
  v_key  varchar2(1000):= 'mysecret';
  v_hash varchar2(1000); 
BEGIN
  SELECT DBMS_CRYPTO.MAC(
           src => utl_raw.cast_to_raw(v_body),
           typ => DBMS_CRYPTO.HMAC_SH512,
           key => utl_raw.cast_to_raw(v_key)
         ) 
  INTO   v_hash
  FROM   DUAL; 

  dbms_output.put_line(lower((v_hash)));
END;
/

For your code you would want a NULL message (again, untested):

DECLARE
  v_body varchar2(1000):= NULL;
  v_key  varchar2(1000):= 'myteststring';
  v_hash varchar2(1000); 
BEGIN
  SELECT DBMS_CRYPTO.MAC(
           src => utl_raw.cast_to_raw(v_body),
           typ => DBMS_CRYPTO.HMAC_SH512,
           key => utl_raw.cast_to_raw(v_key)
         ) 
  INTO   v_hash
  FROM   DUAL; 

  dbms_output.put_line(lower((v_hash)));
END;
/

CodePudding user response：

Seems to work if you call the CLOB (or BLOB) overload of dbms_crypto.mac and pass an empty clob (or blob), e.g.

BEGIN
    dbms_output.put_line (
        dbms_crypto.mac (
            src => EMPTY_CLOB (),
            typ => dbms_crypto.hmac_sh512,
            key => utl_raw.cast_to_raw ('myteststring')));
END;
/

22E6584B717CFF0F6180BF988C5EBF0BBB0BC1959BBB911A203F9188971FC2DE93B6C83465501747D1CDE6F6EFAF0B37D4AC278BCD3BB6FE662D3E9F7E0AE50C