Secret Password Encryption - Expert Oracle and Java Security

Database Reference

In-Depth Information

stmt.setNull( 10, OracleTypes.RAW );

stmt.executeUpdate();

errNo = stmt.getInt( 7 );

if( errNo != 0 ) {

errMsg = stmt.getString( 8 );

System.out.println( "Oracle error " + errNo +

", " + errMsg );

System.out.println( (stmt.getRAW( 10 )).toString() );

} else {

//mCryptSessionSecretDESSalt = stmt.getRAW( 3 );

//mCryptSessionSecretDESIterationCount = stmt.getRAW( 4 );

//mCryptSessionSecretDESAlgorithm = stmt.getRAW( 5 );

//mCryptSessionSecretDESPassPhrase = stmt.getRAW( 6 );

cryptData = stmt.getRAW( 10 ) ;

System.out.println( getDecryptData( cryptData,

mCryptSessionSecretDESPassPhrase,

mCryptSessionSecretDESAlgorithm, mCryptSessionSecretDESSalt,

mCryptSessionSecretDESIterationCount ) );

}

if( null != stmt ) stmt.close();

Along with key exchange, we send the string “Tuesday” to the p_get_des_crypt_test_data

procedure to be encrypted on Oracle database using the secret password key. So, after executing the

Statement , we retrieve the encrypted data, and then decrypt the data by calling getDecryptData() locally

on the client and print out the decrypted String . Notice that the getDecryptData() method takes all the

encrypted secret password key artifacts.

If the secret password key has not yet been built, then getDecryptData() calls

makeSessionSecretDESKey() . When we call getDecryptData() we pass sufficient parameters, the artifacts

of the secret password key, to build the key; but if it has already been built, we do not repeat that effort.

We may call getDecryptData() multiple times for multiple pieces of encrypted data, but the effort to

build the secret password key will only be undertaken once.

Testing Oracle Database Encrypt and Local Decrypt Data

The next test in Listing 6-24 is even more concise, if unrealistic. We will call the temporary function,

f_get_crypt_data to get encrypted data representing a clear text String , “Wednesday”. We will get the

encrypted data RAW back from the statement and call the getDecryptData() method locally to decrypt it,

printing the result.

Listing 6-24. Get Crypt Data, from main()

stmt = ( OracleCallableStatement )conn.prepareCall(

"{? = call app_sec_pkg. f_get_crypt_data (?) }" );

stmt.registerOutParameter( 1, OracleTypes.RAW );

stmt.setString( 2, "Wednesday" );

stmt.executeUpdate();

cryptData = stmt.getRAW( 1 ) ;

System.out.println( getDecryptData( cryptData,

mCryptSessionSecretDESPassPhrase,

Expert Oracle and Java Security

Search WWH ::

Custom Search

Home