Database Reference
In-Depth Information
Listing 5-3.
Building Public Key from Artifacts,
makeExtRSAPubKey()
private static RSAPublicKey extRSAPubKey = null;
private static void makeExtRSAPubKey( BigInteger extRSAPubModulus,
BigInteger extRSAPubExponent ) throws Exception
{
RSAPublicKeySpec keySpec =
new RSAPublicKeySpec( extRSAPubModulus, extRSAPubExponent );
KeyFactory kFactory = KeyFactory.getInstance( "RSA" );
extRSAPubKey = ( RSAPublicKey )kFactory.generatePublic( keySpec );
}
We hand both the RSA Modulus and the RSA Exponent to this method,
makeExtRSAPubKey()
. Then
we instantiate a new instance of the
RSAPublicKeySpec
named
keySpec
, which is a specification object for
a key. We also get an instance of a
KeyFactory
named
kFactory
, based on the RSA algorithm. We pass the
keySpec
to the
kFactory
to generate the public RSA key. This key is equivalent to the public key that was
originally generated, so we can use it to decode data that is encoded with the original private key.
What does all this mean? How will we use this so-called equivalent key? We generate the key pair on
the client. Then we pass the public key modulus and exponent to Oracle database. We assemble an
identical public key on the Oracle database. At that point, our plan is to encrypt data with the public key
on Oracle and transmit the encrypted data to the client. The client alone will be able to decrypt the data
using the private key.
Generating the RSA Cipher
A cryptographic key is really nothing more than a mathematical construct; it does not inherently have
the functionality we need to put it to use. Instead, we need to have a
Cipher
class that can use the key to
do our work. We generate the
Cipher
,
cipherRSA
with the code shown in Listing 5-4.
Listing 5-4.
Generate RSA Cipher,
makeCryptUtilities()
private static Cipher cipherRSA;
private static void makeCryptUtilities() throws Exception {
cipherRSA = Cipher.getInstance( "RSA" );
}
Our
makeCryptUtilities()
method will be called from the client when we call
makeLocRSAKeys()
,
and from the Oracle database when we call
makeExtRSAPubKey()
.
The
Cipher
class can generate a cipher of various types. We are specifically creating a new instance
of
Cipher
that uses the RSA algorithm.
Note that we don't say
new Cipher()
, but we call the static
Cipher.getInstance()
method to get a
specific instance of itself. If you review the code we've seen so far in this chapter, you will see that quite
frequently we are not instantiating an object in our code with the
new
statement; rather, we are getting
new instances from some provider method, some factory or some other provider. It is important to
understand that somewhere in that process, some method or other got a
new
instance to deliver to us.