Database Reference
In-Depth Information
In the
main()
method, we have two method
String
members,
clientPubModulus
and
clientPubExponent
. We set those members by calling our two public methods,
getLocRSAPubMod()
and
getLocRSAPubExp()
. We are acting as the client application, calling those methods. We continue to act as
the client application, but only imagine sending those values to the Oracle Database (at this point, we
are just going to use those values locally.)
Now, pretending that we are the Oracle Database, we use those values we just “received,” and we
call the
makeExtRSAPubKey()
method in order to generate a replica of the public key. (Although, on the
server that method is
private
and will not be called directly.) Then the server uses (we use) that public
key to encrypt some clear sample data. The sample data,
sampleData
we are using is the date and time
that we get by instantiating a new
Date
class.
We initialize
cipherRSA
using
extRSAPubKey
, the public key copy that we built, and we set it to
ENCRYPT_MODE
. Then we call the
doFinal()
method, encrypting the
clearBytes into cryptBytes
. Note
again that the
cipherRSA.doFinal()
method takes a byte array as its parameter and returns a byte array,
so we convert the
sampleData
String
to a byte array using
String.getBytes()
, in order to submit the
clearBytes
to
cipherRSA.doFinal()
. We end up with
cryptBytes
, a byte array of encrypted data.
Then back at the client, we “receive” the
cryptBytes
encrypted byte array. (The process of calling the
Oracle Database to return encrypted data is a bit more complex than this first test, and we will see the
details in the second half of this chapter.) Acting as the client, then, we initialize our own
cipherRSA
using the
locRSAPrivKey
private key, to
DECRYPT_MODE.
Then we call the
doFinal()
method. This should
return the original clear byte array, from which we create a new
String
instance named
newSampleData
,
and which we print. If all has gone well, what we will see is the
newSampleData
, the client date and time as
the output.
Notice at the end of Listing 5-10 that there is a call to
System.exit(0)
. That call actually terminates
the running JVM. It is important to include that call at the end of most
main()
methods, because if your
application is running other threads of code, the JVM may not terminate when you get to the end of
main()
, even though you are done with it. Be aware that you do not normally call
System.exit(0)
in
main()
for GUI applications where your
main()
method displays the GUI interface and then ends. The
main()
ends, but the GUI exists until some control in the GUI (like an
Exit
button) issues a similar
System.exit(0)
call. By the way, the
0
(zero) means exit with an OK status code. Any other number is
considered an error code which can be sensed by the operating system, as needed.
Also take note of the
catch
block and our call to
Exception.printStackTrace()
. With that call, any
exception caught in the
main()
method will print out a list of each consecutive method call and the line
number from which each consecutive call is made. The line number in
main()
where the exception
occurred will be at the bottom of the list and the method it called and line number where the exception
occurred will be listed above that, and so on. At the top of the list will be the specific exception that
occurred and the method and line number where it happened. That list is called a stack trace.
Running the Code
If you have set your
PATH
and
CLASSPATH
as described in Chapter 3, then your job is easier. First run a
command prompt (
Start Menu
Programs
Accessories
Command Prompt
). Then change
directories to
Chapter5
. Compile the code with this command:
javac orajavsec/OracleJavaSecure.java
Then run the code from that same directory with this command:
java orajavsec.OracleJavaSecure
If you have not set your
PATH
and
CLASSPATH
, then you need to locate your compiler (
javac.exe
). And
you need to go to the same directory as mentioned previously. For example, if
javac.exe
is in