        x.printStackTrace();
    }
    return rtrnString;
}
The first thing we do in the try block is to test whether the sessionSecretDESKey has already been instantiated. If not, then we call two methods: decryptSessionSecretDESPassPhrase() (discussed in the next section) and makeSessionSecretDESKey(). We discussed makeSessionSecretDESKey() earlier in this chapter; it is the same method we called to build the secret password key initially on the Oracle database. We are calling it again on the client to build an identical key.
When we test whether we already have the sessionSecretDESKey, we also test the boolean testAsClientAndServer. The testAsClientAndServer boolean is always false, unless we are testing the OracleJavaSecure class from its main() method. In main(), when we set this boolean to true, we can replace a locally generated DES secret password key with one coming from the Oracle database at different stages of testing. We will examine the code of the main() method a bit later in this chapter.
The getDecryptData() method is overloaded with a version that assumes the secret password key has been built and does the decryption. It takes a RAW and returns the clear text as a String. The first getDecryptData() method (shown previously) calls this second getDecryptData() method; see Listing 6-15.
Listing 6-15. Decrypt Data with Existing Secret Password, getDecryptData()
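public static final String getDecryptData( RAW cryptData ) {
    if( null == cryptData ) return null;
    // Sentinel returned when decryption fails; a caller cannot tell it apart
    // from clear text that happens to contain the same string.
    String rtrnString = "getDecryptData() B failed";
    try {
        // Re-initialize the shared cipher with the session key and parameter spec
        cipherDES.init( Cipher.DECRYPT_MODE, sessionSecretDESKey, paramSpec );
        // The decrypted bytes are decoded with the platform default charset
        rtrnString = new String( cipherDES.doFinal( cryptData.getBytes() ) );
    } catch( Exception x ) {
        // Exceptions are swallowed here, so the sentinel above is returned
        //x.printStackTrace();
        //rtrnString = x.toString();
    }
    return rtrnString;
}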
This same, second getDecryptData() method is also called to decrypt data on the Oracle database for encrypted data inserts and updates coming from the client. There on the Oracle database, we presumably know that we already have our DES secret password key.
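The flow described in this section and the next (key artifacts decrypted with the client's RSA private key, an identical key rebuilt on the client, then data decrypted) is shown here as a stand-alone added example; it is not code from the book or from the OracleJavaSecure class. The class and helper names, the PBEWithMD5AndDES algorithm name, and all sample values are assumptions, and the algorithm name is held as a constant instead of being RSA-encrypted like the other artifacts.

```java
import static java.nio.charset.StandardCharsets.US_ASCII;
import static javax.crypto.Cipher.DECRYPT_MODE;
import static javax.crypto.Cipher.ENCRYPT_MODE;
import java.security.*;
import javax.crypto.*;
import javax.crypto.spec.*;

public class SharedPassphraseKeyDemo {
    // Assumption: the page does not name the negotiated algorithm; this is a stand-in.
    static final String ALG = "PBEWithMD5AndDES";

    // Same passphrase in, same key out: this is why the client and server keys match.
    static SecretKey makeKey(String passPhrase) throws Exception {
        return SecretKeyFactory.getInstance(ALG)
            .generateSecret(new PBEKeySpec(passPhrase.toCharArray()));
    }

    static byte[] rsa(int mode, Key key, byte[] in) throws Exception {
        Cipher c = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        c.init(mode, key);
        return c.doFinal(in);
    }

    static byte[] pbe(int mode, SecretKey key, byte[] salt, int count, byte[] in)
            throws Exception {
        Cipher c = Cipher.getInstance(ALG);
        c.init(mode, key, new PBEParameterSpec(salt, count));
        return c.doFinal(in);
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair client = kpg.generateKeyPair();   // the private key stays on the client

        // Server side. All values below are constructed for this example.
        String passPhrase = "constructed-sample-passphrase";
        byte[] salt = new byte[8];                // this algorithm requires an 8-byte salt
        new SecureRandom().nextBytes(salt);
        int count = 19;
        byte[] cryptPass = rsa(ENCRYPT_MODE, client.getPublic(), passPhrase.getBytes(US_ASCII));
        byte[] cryptSalt = rsa(ENCRYPT_MODE, client.getPublic(), salt);
        byte[] cryptCount = rsa(ENCRYPT_MODE, client.getPublic(),
            Integer.toString(count).getBytes(US_ASCII));
        byte[] cryptData = pbe(ENCRYPT_MODE, makeKey(passPhrase), salt, count,
            "sample row value".getBytes(US_ASCII));

        // Client side: unwrap each artifact with the RSA private key, rebuild the key, decrypt.
        String clearPass = new String(rsa(DECRYPT_MODE, client.getPrivate(), cryptPass), US_ASCII);
        byte[] clearSalt = rsa(DECRYPT_MODE, client.getPrivate(), cryptSalt);
        int clearCount = Integer.parseInt(
            new String(rsa(DECRYPT_MODE, client.getPrivate(), cryptCount), US_ASCII));
        byte[] clear = pbe(DECRYPT_MODE, makeKey(clearPass), clearSalt, clearCount, cryptData);
        System.out.println(new String(clear, US_ASCII));
    }
}
```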
Decrypting the DES Passphrase using RSA Private Key
The decryptSessionSecretDESPassPhrase() method uses the client's RSA private key to decrypt all the artifacts of the server DES secret password key. The code is presented in Listing 6-16.
Listing 6-16. Decrypt Secret Password Key Artifacts, decryptSessionSecretDESPassPhrase()
private static void decryptSessionSecretDESPassPhrase(
    RAW cryptSecretDESPassPhrase, RAW cryptSecretDESAlgorithm,
    RAW cryptSecretDESSalt, RAW cryptSecretDESIterationCount )
    throws Exception
{
    cipherRSA.init( Cipher.DECRYPT_MODE, locRSAPrivKey );