I need to authenticate users in a WEB application in the Oracle 10g database, but the credentials are native to the database for running an Oracle Forms application, and we would like to keep the same password on both systems (Single Sign-On ).
For this I need to encrypt via C #, the password that the user inserts into the WEB form to be able to authenticate (validation if the generated HASH is equal to the saved in the bank!).
I found this code in PHP, but even tried to convert more without success, since PHP is not my strong:
<?php
function oracle($un, $pw)
{
$pt = strtoupper($un . $pw);
$pt .= str_repeat("<?php
function oracle($un, $pw)
{
$pt = strtoupper($un . $pw);
$pt .= str_repeat("%pre%", 3 - ((strlen($pt) - 1) & 3));
$end = strlen($pt);
$pt .= $pt;
for ($a = 0; $a < $end; $a++)
{
$pt[2 * $a] = "%pre%";
$pt[2 * $a + 1] = $pt[$a + $end];
}
$ct = mcrypt_encrypt(MCRYPT_DES, hex2bin('0123456789ABCDEF'), $pt, 'cbc', "%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%");
$ct = mcrypt_encrypt(MCRYPT_DES, substr($ct, -8), $pt, 'cbc', "%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%");
return bin2hex(substr($ct, -8));
}
?>
", 3 - ((strlen($pt) - 1) & 3));
$end = strlen($pt);
$pt .= $pt;
for ($a = 0; $a < $end; $a++)
{
$pt[2 * $a] = "%pre%";
$pt[2 * $a + 1] = $pt[$a + $end];
}
$ct = mcrypt_encrypt(MCRYPT_DES, hex2bin('0123456789ABCDEF'), $pt, 'cbc', "%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%");
$ct = mcrypt_encrypt(MCRYPT_DES, substr($ct, -8), $pt, 'cbc', "%pre%%pre%%pre%%pre%%pre%%pre%%pre%%pre%");
return bin2hex(substr($ct, -8));
}
?>
And it really works because I tested it with the following data:
User: route
Password: test
Hash Generated: 89574FB579B04A40 (same as in the database)
If anyone can help me thank you!