Database Reference
In-Depth Information
}
We've discussed a lot of the
Exception
handling already. This method is generally called first of the
current foursome, and includes a bit more error reporting. Because we are returning a
RAW
, we can return
up to 32,767 bytes of data. In the
catch
block, we instantiate a
CharArrayWriter
of size 32,767 characters
in an array in memory. Then by stacked calls, we instantiate a
PrintWriter
, which points at the
CharArrayWriter
. Then we print the
Exception
s
tack trace to that
PrintWriter
. As a result, we get the
stack trace in a char array writer,
errorText
. We call
errorText.toString().getBytes()
to get a byte array
of the stack trace, and then we instantiate a
RAW
from that, which we can pass back to the client.
At the client, if we have trouble deciphering the passphrase that we are seeking from the
RAW
that has
been returned, we can read the
RAW
as a
String
and see the
Exception
stack trace. This is a handy
troubleshooting practice in a client/server environment when you'd like to see the error that the server
sees, not just the error at the client.
Listing 6-6 shows the second of this bunch of methods. This one returns the name of the actual
algorithm that's in use on the Oracle database. In the
try
block, you'll see a feature common to all these
methods. We test to see if the
sessionSecretDESKey
is
null
, and if it is, we call
makeSessionSecretDESKey()
(described earlier) to create the secret password key.
Listing 6-6.
Encrypt the Algorithm Name,
getCryptSessionSecretDESAlgorithm ()
public static final RAW getCryptSessionSecretDESAlgorithm(
String extRSAPubMod, String extRSAPubExp )
{
RAW rtrnRAW =
new RAW( "getCryptSessionSecretDESAlgorithm() failed"
.getBytes()
);
try {
if( null == sessionSecretDESKey ) makeSessionSecretDESKey()
;
rtrnRAW =
getRSACryptData
( extRSAPubMod, extRSAPubExp,
sessionSecretDESAlgorithm );
} catch( Exception x ) {}
return rtrnRAW;
}
The last common call in the
try
block is a call to the
getRSACryptData()
method described
previously) to encrypt the secret password key artifact; in this case, the algorithm name. That generates a
RAW
data type containing the encrypted artifact, which will be returned to the client.
Please take note of what is returned if an exception is called. We still return
rtrnRAW
, but its value is
the bytes of the string
"getCryptSessionSecretDESAlgorithm() failed"
. Having this reported back to the
client can be helpful for troubleshooting. Also, note how we get the bytes of that
String
—we treat the
value between quotation marks as if it were already
a
String
object, calling the
getBytes()
method. Is
that allowed? Yes!
The last two methods in this group, shown in Listings 6-7 and 6-8, return the salt and iteration count
as encrypted
RAW
data types.
Listing 6-7.
Encrypt the Salt,
getCryptSessionSecretDESSalt ()
public static final RAW getCryptSessionSecretDESSalt( String extRSAPubMod,
String extRSAPubExp )
{
RAW rtrnRAW = new RAW( "getCryptSessionSecretDESSalt() failed".getBytes() );
try {
if( null == sessionSecretDESKey ) makeSessionSecretDESKey();
