Server date: SAT DEC 04 14:59:50 EST 2010
Both of these sets of tests used our rebuilt copy of the RSA public key to encrypt the date String, and
used the RSA private key to decrypt the date String. In the second set of tests, the public key was rebuilt
on the Oracle Database and the date String was encrypted there. Then the encrypted RAW data was
returned to the client, where it was decrypted and printed. Ta da! You have accomplished client-server
encrypted data transmission! This process is depicted in Figure 5-1.
Figure 5-1. Client/server public key encryption
There is a section of Figure 5-1 that is outlined and labeled as [A]. That section is a depiction of the
generation of the RSA key pair. Within that outline is an image of a key, which represents the RSA key pair
as it exists on the client.
The client application makes one call to the Oracle Database, to the procedure named
p_get_rsa_crypt_sysdate. In that call, the RSA public key modulus and exponent are sent to the
database. On the database, a Java stored procedure, f_get_rsa_crypt, is called, which in turn calls Java in
the Oracle JVM, to a method named getRSACryptData(). That is the starting point for building an
equivalent RSA public key, depicted by the key image on the right side of Figure 5-1.
The Oracle JVM uses the equivalent public key to encrypt the CURRENT_TIMESTAMP value from the
Oracle database, and then returns that encrypted value to the client application. From there, the client
will decrypt the value using the RSA private key. The private key only exists in this client, so only this
client can decrypt the data being returned by the Oracle database.
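The exchange described above can be reproduced in a single JVM. The following is an added example, not code from this chapter: the class name RsaRoundTripDemo, the method serverEncrypt(), the 2048-bit key size and the OAEP padding are assumptions of the example, and the "server" half runs locally instead of in the Oracle JVM.

```java
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PublicKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.RSAPublicKeySpec;
import javax.crypto.Cipher;

public class RsaRoundTripDemo {
    // Padding is this example's choice; both sides must use the same transformation.
    static final String TRANSFORM = "RSA/ECB/OAEPWithSHA-256AndMGF1Padding";

    // "Server" side: rebuild an equivalent public key from the two numbers received.
    static byte[] serverEncrypt(BigInteger modulus, BigInteger exponent, String clearText)
            throws GeneralSecurityException {
        PublicKey rebuilt = KeyFactory.getInstance("RSA")
                .generatePublic(new RSAPublicKeySpec(modulus, exponent));
        Cipher cipher = Cipher.getInstance(TRANSFORM);
        cipher.init(Cipher.ENCRYPT_MODE, rebuilt);
        return cipher.doFinal(clearText.getBytes(StandardCharsets.UTF_8));
    }

    public static void main(String[] args) throws GeneralSecurityException {
        // Client: generate the key pair; the private key stays on this side.
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        KeyPair pair = gen.generateKeyPair();
        RSAPublicKey pub = (RSAPublicKey) pair.getPublic();

        // Only the modulus and public exponent are handed to the "server".
        byte[] encrypted = serverEncrypt(pub.getModulus(), pub.getPublicExponent(),
                new java.util.Date().toString());

        // Client: decrypt the returned bytes with the private key.
        Cipher cipher = Cipher.getInstance(TRANSFORM);
        cipher.init(Cipher.DECRYPT_MODE, pair.getPrivate());
        String clear = new String(cipher.doFinal(encrypted), StandardCharsets.UTF_8);
        System.out.println("Server date: " + clear);

        // A private key from a different pair cannot decrypt the same bytes.
        try {
            cipher.init(Cipher.DECRYPT_MODE, gen.generateKeyPair().getPrivate());
            cipher.doFinal(encrypted);
        } catch (GeneralSecurityException e) {
            System.out.println("Other private key rejected: " + e.getClass().getSimpleName());
        }
    }
}
```

RSA encrypts only a short message directly (with a 2048-bit key and this padding, at most 190 bytes), which is enough for a date string but not for arbitrary result sets.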
Removing the Demonstration Oracle Structures
We are not going to need the Oracle function or procedure that we built in this chapter. They were just
for our use in demonstrating our client/server RSA public key encryption. We will be building some
 