Database Reference
In-Depth Information
generator.initialize( keyLengthRSA, random );
KeyPair pair = generator.generateKeyPair();
locRSAPrivKey = pair.getPrivate();
locRSAPubKey = ( RSAPublicKey )pair.getPublic();
}
We use the JCE class named
KeyPairGenerator
to generate our private and public keys. First, we
instantiate a
KeyPairGenerator
named
generator
. We specify that
generator
will create keys conforming
to the RSA algorithm. (Notice we call the static method
KeyPairGenerator.getInstance()
and ask it to
get an instance of itself.) We initialize
generator
with both the key length (1024 bits) and with an
instance of the
SecureRandom
class named
random
.
SecureRandom
is a trustworthy random number
generator. We will use
random
to even greater purposes in the next chapter.
Note
Someday, a 1024 bit RSA key may be insufficient, but at this time, it is still considered relatively
unbreakable.
KeyPairGenerator
generates a single object: a
KeyPair
that we call
pair
. We get our separate public
and private keys (
locRSAPubKey
and
locRSAPrivKey
) by calling methods in
KeyPair
. Notice also that we
cast the public key that we get from
KeyPair
as an
RSAPublicKey
type in this statement:
locRSAPubKey = ( RSAPublicKey )pair.getPublic();
Casting can add functionality to an object as long as the object you cast to implements (is a superset
of) the object in hand. In this case
RSAPublicKey
is a superset of the
PublicKey
class. When
RSAPublicKey
was defined, the definition looked like this:
public class RSAPublicKey implements PublicKey …
We cast the
PublicKey
to an
RSAPublicKey
so that we can use some methods that only exist for the
RSAPublicKey
class. We will see those in the next section.
When we run Listing 5-1, we end up with the keys. The
locRSAPrivKey
is our private key. We will not
share our private key with anyone. We will do our encryption and decryption using the private key—so
an entity with our public key can then decrypt data from us and encrypt data to us. The
locRSAPubKey
is
the public key of our key pair. We intend to give that key to all requestors.
Hand the Public Key Across the Network
We intend to give
locRSAPubKey
to all requestors (actually we just hand it directly to the Oracle database);
however, we don't know (for arguments' sake) which platform they will be running on, so we can't just
give them our Java cryptographic extensions (JCE) version of the key. Instead, we will give them two
artifacts, which together can be used to build our public key on whatever system.
We can only build another key of the same type with our two artifacts. Our artifacts are
locRSAPubMod
and
locRSAPubExp
. These are the RSA public key modulus and exponent, two numbers that we can use to
calculate the public key. Listing 5-2 shows how we generate those artifacts.
Listing 5-2.
Generating Public Key Artifacts
private static BigInteger locRSAPubMod = null;