Database Reference
In-Depth Information
To handle larger amounts of data, there are a couple of methods: cipher block chaining (CBC) and
stream encryption. With CBC, large data is broken up into appropriate block sizes for encryption and
then decrypted and reassembled automatically for the user. (Whew, that takes a lot of burden off our
shoulders.) With stream encryption, each bit, byte, or block of bytes would be encrypted/decrypted as it
passed through the stream. A stream is simply a channel for data en route. You put bytes of data into a
stream, and take bytes of data out in the same order: first in first out (fifo). A stream can exist when
reading/writing data to storage, or across the network, or simply from one place (structure) in memory
to another.
RSA Public Key Cryptography
We will be using RSA public key cryptography for our PKE encryption algorithm. RSA stands for the last
names of the creators of the algorithm: Rivest, Shamir, and Adleman.
Because RSA uses a different key for encryption (e.g., private) from what is required for decryption
(e.g., public), it is called an asymmetric algorithm. All PKE is asymmetric encryption. With a long key
length, RSA is a very trustworthy encryption algorithm.
Java Code to Generate and Use RSA Keys
All our code for accomplishing Oracle database and Java security will reside in a single Java class (there
are some small exceptions; we will have some separate Java classes for testing our processes). As we walk
through the remaining chapters of this topic, we are going to develop security code in phases, adding
layers and concepts as we progress. Our single Java class will grow over time.
Our class will be called
OracleJavaSecure
, and we will define it in a package called
orajavsec
.
Because we do not have a single version of this file, we are going to have multiple directories (one per
chapter) where different versions of this Java code reside. This will make compiling and running a bit
more difficult, but I will provide instructions as needed to reference these files.
Note
You can find the following code in the file
Chapter5/orajavsec/OracleJavaSecure.java
. I recommend that
you open that file and refer to it as we proceed through this chapter.
Creating a Set of Keys
Listing 5-1 shows the code that is used for creating a set of PKE keys. This code, along with other Java
code in this chapter, comes from the
OracleJavaSecure
class.
Listing 5-1.
Create PKE Keys,
makeLocRSAKeys()
private static SecureRandom random;
private static int keyLengthRSA = 1024;
private static Key locRSAPrivKey;
private static RSAPublicKey locRSAPubKey;
private static void makeLocRSAKeys() throws Exception {
random = new SecureRandom();
KeyPairGenerator generator = KeyPairGenerator.getInstance( "RSA" );
