Database Reference
In-Depth Information
C:\java\jdk1.6\bin
and
ojdb6.jar
is in
C:\java
, you would execute the following commands (from a
command prompt in the
Chapter5
directory):
C:\java\jdk1.6\bin\javac.exe -cp .;C:\java\ojdbc6.jar orajavsec/OracleJavaSecure.java
C:\java\jdk1.6\bin\java.exe -cp .;C:\java\ojdbc6.jar orajavsec.OracleJavaSecure
As a result, you will see the client date displayed:
Client date: Sat Dec 04 11:29:39 EST 2010
This date
string
was generated, encrypted with the public key and decrypted with the private key all
on the client.
Key Exchange
So far, we have created our RSA private and public keys and demonstrated building a copy of the public
key with two components: the exponent and the modulus. We have also demonstrated encrypting a
Date
string with our copy of the public key and decrypting it with the private key. These are all the aspects of
our RSA key pair that we are going to utilize; however, we will be building the copy of the private key on
the Oracle database, doing our encryption there and decrypting the data with the private key on the
client. To do that, we are going to need some Oracle structures.
We will define a function and a procedure in our Application Security,
appsec
schema. To do this,
connect to Oracle as the
appsec
user and set your role to the privileged
appsec_role
:
CONNECT appsec;
SET ROLE appsec_role;
Note
You can find a script of the following commands in the file named
Chapter5/AppSec.sql
.
Creating a Function to Encrypt Data with Public Key
The Oracle script in Listing 5-11 defines a function that calls the
OracleJavaSecure.getRSACryptData()
method. This will encrypt data using the copy of the RSA public key that we will build on the Oracle
Database. Execute the command in Listing 5-11 while connected to Oracle Database as the Application
Security user,
appsec
.
Listing 5-11.
Oracle Function to RSA Encrypt Data
CREATE OR REPLACE FUNCTION f_get_rsa_crypt(
ext_rsa_mod VARCHAR2, ext_rsa_exp VARCHAR2, cleartext VARCHAR2 )
RETURN RAW
AS LANGUAGE JAVA
NAME 'orajavsec.OracleJavaSecure.getRSACryptData( java.lang.String, java.lang.String,
java.lang.String ) return oracle.sql.RAW';
/
There are three
VARCHAR2
(
String
) parameters that we are going to pass to the function: the public
key modulus, the public key exponent, and the clear-text string that we want to encrypt.
