Database Reference
In-Depth Information
generator.initialize( keyLengthRSA, random );
KeyPair pair = generator.generateKeyPair();
locRSAPrivKey = pair.getPrivate();
locRSAPubKey = ( RSAPublicKey )pair.getPublic();
}
We use the JCE class named KeyPairGenerator to generate our private and public keys. First, we
instantiate a KeyPairGenerator named generator . We specify that generator will create keys conforming
to the RSA algorithm. (Notice we call the static method KeyPairGenerator.getInstance() and ask it to
get an instance of itself.) We initialize generator with both the key length (1024 bits) and with an
instance of the SecureRandom class named random . SecureRandom is a trustworthy random number
generator. We will use random to even greater purposes in the next chapter.
Note Someday, a 1024 bit RSA key may be insufficient, but at this time, it is still considered relatively
unbreakable.
KeyPairGenerator generates a single object: a KeyPair that we call pair . We get our separate public
and private keys ( locRSAPubKey and locRSAPrivKey ) by calling methods in KeyPair . Notice also that we
cast the public key that we get from KeyPair as an RSAPublicKey type in this statement:
locRSAPubKey = ( RSAPublicKey )pair.getPublic();
Casting can add functionality to an object as long as the object you cast to implements (is a superset
of) the object in hand. In this case RSAPublicKey is a superset of the PublicKey class. When RSAPublicKey
was defined, the definition looked like this:
public class RSAPublicKey implements PublicKey …
We cast the PublicKey to an RSAPublicKey so that we can use some methods that only exist for the
RSAPublicKey class. We will see those in the next section.
When we run Listing 5-1, we end up with the keys. The locRSAPrivKey is our private key. We will not
share our private key with anyone. We will do our encryption and decryption using the private key—so
an entity with our public key can then decrypt data from us and encrypt data to us. The locRSAPubKey is
the public key of our key pair. We intend to give that key to all requestors.
Hand the Public Key Across the Network
We intend to give locRSAPubKey to all requestors (actually we just hand it directly to the Oracle database);
however, we don't know (for arguments' sake) which platform they will be running on, so we can't just
give them our Java cryptographic extensions (JCE) version of the key. Instead, we will give them two
artifacts, which together can be used to build our public key on whatever system.
We can only build another key of the same type with our two artifacts. Our artifacts are locRSAPubMod
and locRSAPubExp . These are the RSA public key modulus and exponent, two numbers that we can use to
calculate the public key. Listing 5-2 shows how we generate those artifacts.
Listing 5-2. Generating Public Key Artifacts
private static BigInteger locRSAPubMod = null;
 
Previous Page
Next Page
Expert Oracle and Java Security
Search WWH ::




Custom Search
Home