Database Reference
In-Depth Information
x.printStackTrace();
}
return rtrnString;
}
This method takes a
RAW
parameter named
cryptData
. The code gets the byte array from
cryptData
and passes it to the
cipherRSA.doFinal()
method to decrypt. We instantiate a new
String
from the
decrypted byte array, and return that
String
to the caller.
You will recognize the similarities in error handling between this and the
getRSACryptData()
method described above. One additional measure we are taking here is to print out the stack trace of any
Exception
that's thrown.
This method is not needed in future chapters, because we will not be encrypting just any old data
with our RSA public key; rather, with the RSA keys we will only be encrypting / decrypting specific
artifacts of our secret password key that we create in the next chapter. So we will repackage this
decryption call specifically for that purpose.
Testing on Client and Server
Earlier in this chapter, you compiled
OracleJavaSecure.java
on your workstation. Let's make a couple
changes to the code now. First of all, if you saved the version that we installed on the Oracle Database,
then you may have uncommented the first line. If so, comment it again:
//CREATE OR REPLACE AND RESOLVE JAVA SOURCE NAMED appsec."orajavsec/OracleJavaSecure" AS
Down a little ways from the top of the file, in the body of the class code, set the
boolean
named
testingOnServer
to
true
. That change will cause the second half of the
main()
method to execute.
private static boolean testingOnServer = true;
private static String appsecConnString =
"jdbc:oracle:thin:AppSec/password@localhost:1521:Orcl";
Additionally, we want to connect from this client code to the Oracle Database, so edit the next line
down with the correct host, port, instance and password needed to connect as
appsec
user. Be sure to
save your changes.
Inside the
main()
method, after the code we discussed previously, we have another section for
testing client/server public key encryption. We check the
testingOnServer
boolean
that we set
previously, and if
true
we continue our testing. The first thing we want to do is establish our Oracle
Connection
,
conn
based on the
appsecConnString
we edited above. See Listing 5-15.
Listing 5-15.
Testing PKE on Client and Server
if( testingOnServer ) {
// Since not on the Server, must load Oracle-specific Driver
Class.forName( "oracle.jdbc.driver.OracleDriver" );
// This will set the static member "conn" to a new Connection
conn = DriverManager.getConnection( appsecConnString );
Using IN and OUT Parameters in an OracleCallableStatement
Also in the
main()
method, you will see our code to prepare an
OracleCallableStatement
. We are using a
Statement
class of that type so that we can read the
OUT
parameters. Notice as we prepare the call, in
Listing 5-16, that we list the procedure name and have a list of question marks for the parameters we are